Data Protection, GDPR and the Dittons Scout Group
This notice is issued in accordance with the General Data Protection Regulation and the Data Protection Act 2018.
These Regulations govern how Personal Information (PI) can be handled and how it must be protected by Data Controllers. Because of the information held on its members, Dittons Scout Group is classed, under those Regulations, as a Data Controller, and must comply with the Regulations. For general information about these Regulations and how they apply in Scouting, see further guidance on GDPR here.
The Data Protection Act 1998 governs the collection, recording, storage, use and disclosure of personal data, whether such data is held electronically or in manual form. Young people have the same rights as adults under the Act.
1. Why are we processing your data?
Dittons Scouts is a youth charity. Our mission is to actively engage and support young people in their personal development, empowering them to make a positive contribution to society. We are registered as a charity with The Charity Commission England and Wales charity number 1038983. Every year we hold an annual general meeting where members of the charity executive committee (our board of trustees), are appointed or elected. So that we can safely deliver Scouting within the Group, each Section i.e. Beavers, Cubs, and Scouts, and the Group Executive Committee will need to hold personal information about our members, their parents or carers and our adult volunteers (the Data Subjects). We will use this information to contact you both routinely e.g. weekly newsletters and for invitations to Scouting events that we are running or planning on attending, and in an emergency.
Personal data will only be collected and used for the purpose of activities directly relating to Scouting and/or a person’s Membership or association with Scouting.
2. Where will the data be held?
We utilise Online Scout Manager (OSM), a third party online management system (Data Processor) for handling, collecting and storing personal data relevant to the day to day running of the Scout Group. This system has been developed specifically for Scouting and Guiding Organisations. More information about the security measures employed by OSM, to protect all personal data can be found here.
We store all of the Personal Data held by the Group, on its members, on this online platform and conduct all reviews and updating of information held, payments, bookings, etc. through this system. No paper records of this information is held, although, on limited occasions, records may be printed out for taking to events/camps/sleepovers, where online access may not be possible. Beavers may hold additional information on badges and attendance on paper records. All physical records are destroyed after the event.
We provide all parents with permanent access to their personal information records, held by the group, on this online system, which is available for remote access by all parents at any time, following their setting up an account with secure login (required to make payments, confirm attendance to events, etc). All parents are required to ensure that information held by the Group is up to date and they are able to amend/update records as they might change. The Group also sends out an annual reminder to all parents asking to undertake this review.
OSM processes or records all Dittons payments for subs, camps, and events as far as possible using
the GoCardless online payment system. Information about how this system processes your data can be found here. This is a secure online payment system to allow parents to safely and easily make payment for their child.
Personal Information held on adult members of the Group is handled through the Scout Association Online System, Compass. This has been developed and is managed by the Scout Association for the recording of adult details, training, permits, DBS Disclosures, etc. Information about the use of Compass in the context of GDPR can be found here.
As far as possible, all email correspondence to and from the Dittons Scouts is undertaken through our group email addresses, with some of this correspondence generated by Online Scout Manager.
Sometimes we run meetings online, and for these we use Zoom. Zoom is a video-conferencing and online chat platform that has been approved for use within Scouting by The Scout Association. More information about Zoom’s GDPR policy can be found here.
Photographs, videos and audio recordings may be taken of our members taking part in Scouting activities and temporarily stored on personal computers, personal smartphones or personal cameras held by the Section Leaders. All text/phone call correspondence is conducted through personal mobile telephones held by the Section Leaders. WhatsApp Groups will use details submitted for section meeting information and organisation.
3. What data will we process?
The data we will process about our members will include but is not limited to names, dates of birth, addresses, email addresses, telephone numbers, doctor’s details, health conditions including allergies, dietary requirements, payment information, gift aid registration, and anonymised ethnicity information.
Photographs, videos and audio recordings may be taken of our members taking part in scouting activities and we publish these on section WhatsApp or Newsletters.
Occasionally, we may submit Photographs or Videos to local newspapers, the Group, District, or County newsletters, and websites or put on display for the sole purpose of promoting Scouting. We will never provide the names of any young person when using any of the above media, without the express permission of parents, in writing.
4. Who will have access to this data?
Members of the Dittons Scout Group Leadership Team and the Executive Committee will have varying levels of access to this information according to their role and information needs.
Everyone who has access to this data holds a Scouting Enhanced DBS certificate.
The Dittons Scout Group is part of the Esher District Scouts (the District) and Surrey County Scout Council (the County). The Group will periodically join in events that are run by the District or the County. For these events, essential data required to provide safe scouting may be shared with the organisers for the purpose of the event only.
As part of a larger Scouting Organisation, the Group shares certain records/information held from time to time with the Scout Association headquarters. Limited information may also be shared with HM Government under the Coronavirus Act 2020 for e.g. the purposes of Track and Trace.
No information is passed outside the Scout Group to Third Parties.
5. How long do we retain the data for?
We will retain data for as long as the Data Subject remains a part of our Group and for up to 12 months thereafter. After 12 months, we will retain some data in a more limited form (just name and badge records). We will also keep any Gift Aid information for the statutory 7 years as required by HMRC. If a member moves
to another Scout Group, we will ask for permission before we share any data with the new Group.
6. Your Rights
If you have any questions related to the Data we hold, or any questions about your rights please contact us via gsl@dittonsscouts.com
Suzan Baker – Dittons Scouts GSL – January 2022