Privacy Policy

1. Purpose

This policy sets out Ampthill and Woburn District Scout Council’s approach to protecting personal data and explains your rights in relation to how we may process personal data.

2. Who are we?

Ampthill & Woburn District Scout Council (“We” in this policy) is part of and governed by the policies and procedures of The Scout Association, which is registered with the Information Commissioner’s Office at the following address: Gilwell Park, Chingford, London E4 7QW.

We are registered with the UK Charity Commission under charity number 297192.

We are made up of:

  • A series of Scout Groups, consisting of Beavers, Cubs and Scouts and their respective management and support committees,
  • District Sections including: Explorers, Network and Active Support.
  • Milton Bryan District Campsite
  • Support functions overseeing volunteer management such as recruitment, training, appointments etc…

3. Some important definitions

We’ means Ampthill and Woburn District Scouts

‘Groups’ are the individual Scout Groups which make up the District.

‘Wider Scouting’ is the hierarchical structure above the District; this includes the County, Region, Country and UK Headquarters.

‘Processing’ means all aspects of handling personal data, for example collecting, recording, keeping, storing, sharing, archiving, deleting and destroying it.

‘Data Controller’ means anyone (a person, people, public authority, agency or any other body) which, on its own or with others, decides the purposes and methods of processing personal data. We are a data controller insofar as we process personal data in the ways described in this policy.

‘Data processor’ means anyone who processes personal data under the data controller’s instructions, for example a service provider. We act as a data processor in certain circumstances.

‘Subject Access Request’ is a request for personal data that an organisation may hold about an individual. This request can be extended to include the deletion, rectification and restriction of processing.

‘Member’ refers to past, present and prospective young people and adults who are registered as members of The Scout Association.  Where the member is a young person, data about their parent/guardian will also be stored.

‘Volunteer’ refers to past, present and prospective adults who volunteer their time, but are not registered members of The Scout Association.

4. What is personal data?

Personal data means any information about an identified or identifiable person. For example, an individual’s home address, personal (home and mobile) phone numbers and email addresses, occupation, and so on can all be defined as personal data.

Some categories of personal data are recognised as being particularly sensitive (“special category data”). These include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic and biometric information, and data concerning a person’s sex life or sexual orientation.

5. How does data protection apply within the Scouting hierarchy?

Who stores data?

In addition to the District , Groups, and Wider Scouting are their own data controllers and have their own data protection policies.  We have no authority over how they control their data.

Who has access to what data?

Access to personal data is restricted to only those who require it for legitimate Scouting purposes.  Access to data is restricted both by an adult volunteer’s role and their position within the hierarchical structure, which gives routine access as follows:

Groups

  • Access to Group youth members (Beavers, Cubs and Scouts)
  • Access to Group adult members and volunteers

District

  • Access to District youth members (Explorers)
  • Access to both Group and District adult members and volunteers

Wider Scouting

  • Access to both Group and District adult members and volunteers

Transfer of data

Personal data relating to Group youth members may be shared and/or transferred to the District where there is a legitimate reason.  This could include but is not limited to:

  • Group members attending a District event
  • Youth members preparing to move from a Group to a District section
  • Any incident requiring investigation or escalation, e.g. Safeguarding, accident etc…

Equally, we may need to share and/or transfer personal data to other Data Controllers within Scouting where there is a similar legitimate reason.

We will never transfer your personal data to a third party outside of Scouting without your consent.

6. What type of personal data do we collect and why?

Members and Volunteers records

Within the District we may hold personal data (including special category data) about members and volunteers on our membership database. We believe it is important to be open and transparent about how we will use your personal data. Information we may hold about you includes the following:

  • name and contact details
  • length and periods of service (and absence from service)
  • details of training you receive
  • details of your experience, qualifications, occupation, skills and any awards you have received
  • details of Scouting events and activities you have taken part in
  • details of next of kin
  • age/date of birth
  • details of any health conditions
  • details of disclosure checks
  • any complaints we have received about the member
  • race or ethnic background and native languages
  • religion
  • nationality

We need this information to communicate with you for Scouting purposes and your next of kin if required.  We also have a responsibility to keep information about you, both during your membership and afterwards (due to our safeguarding responsibilities and also to help us if you leave or re-join).

This data will have been collected in one of two ways:

  • Provided directly by you to Scouting, most likely when completing the member joining or contact forms,
  • Generated during your time in Scouting, e.g. training records.

Disclosure and Barring Service Checks

Safeguarding our youth members is our highest priority.  Therefore under Scout Association procedures, all current adult members and volunteers (and those wishing to join) are required to have an Enhanced Disclosure conducted to help check their suitability. 

DBS checks are undertaken by Atlantic Data Ltd on behalf of The Scout Association using information provided by the data subject.

In the event that an adult member or volunteer’s disclosure certificate is returned with notifications, UKHQ will notify the District Commissioner, who will follow The Scout Association’s defined procedures, which are available upon request.

District website

The IP address and session date/times of visitors to our District website (www.AmpthillandWoburnDistrictScouts.org.uk) will be captured and used by our website provider (www.ScoutsOnline.co.uk) to provide anonymised statistical information about website usage.

7. Storage of personal data

Computer databases

Our primary aim is to store all personal data with a password protected web-based databases.  Our three main systems include:

  • Compass is The Scout Associations dedicated adult records database.  Every adult member and volunteer will have a record within this system.  The access to personal data a Compass user has is based on their role within the hierarchal structure of Scouting as described in section 5.
  • Online Scout Manager (OSM) is an online membership system run by Online Youth Manager Ltd. OSM is a secure membership database where we store the personal information of adults and youth members for the day to day running of the District.  It is defined as a Scout Association third-party controller and is GDPR compliant.  More information is available at https://www.onlinescoutmanager.co.uk/security.php
  • ScoutsOnline provide the District website which has a facility to contact members of the District team and our Groups.  Submitted details are emailed to the relevant member of the District or Group so the reason for contact can be acted up.

Paper based records

Whilst we strive to minimise the storage of personal data on paper based records, we cannot completely avoid it.  The situations where this occurs are primarily:

  • Where personal data is being provided by the data subject, prior to it being entered into one of our computer databases described above.
  • Where personal data may need to be accessible when internet access cannot be guaranteed, e.g. on camp.

In these situations, paper based records will be securely stored and destroyed once no longer required.

8. Data retention

We may keep information for different periods of time for different purposes as required by law or best practice. We make sure we store this in line with The Scout Association Data Retention Policy available at: https://www.scouts.org.uk/about-us/policy/data-retention-policy
Emails within official District email accounts will be kept for a 3 month period unless:
  • They need to be kept for longer in line with the above Scout Association Data Retention Policy.
  • They contain information that is related to an on-going matter and/or still relevant.

9. Rights to accessing and updating personal data

Under data protection law, individuals have a number of rights in relation to their personal data.

  • The right to information: As a data controller, we must give you a certain amount of information about how we collect and process information about you. This information needs to be concise, transparent, understandable and accessible.
  • The right of subject access: If you want a copy of the personal data we hold about you, you have the right to make a subject access request (SAR) and get a copy of that information within 30 days.
  • The right to rectification: You have the right to ask us, as data controller, to correct mistakes in the personal data we hold about you.
  • The right to erasure (right to be forgotten): You can ask us to delete your personal data if it is no longer needed for its original purpose, or if you have given us permission to process it and you withdraw that permission (or where there is no other lawful basis for processing it).
  • The right to restrict processing: In certain circumstances where, for lawful or legitimate purposes we cannot delete your relevant personal information or if you do not want us to delete it, we can continue to store it for restricted purposes. This is an absolute right unless we have a lawful purpose to have it that overwrites your rights.
  • The obligation to notify relevant third parties: If we have shared information with other people or organisations, and you then ask us to do either (c), (d) or (e) above, as data controller we must tell the other person or organisation (unless this is impossible or involves effort that is out of proportion to the matter).
  • The right to data portability: This allows you to transfer your personal data from one data controller to another.
  • The right to object: You have a right to object to us processing your personal data for certain reasons, as well as the right to object to processing carried out for profiling or direct marketing.
  • The right to not be evaluated on the basis of automatic processing: You have the right not to be affected by decisions based only on automated processing which may significantly affect you.
  • The right to bring class actions: You have the right to be collectively represented by not-for-profit organisations.

10. Subject access requests

You are entitled to ask us, in writing, for a copy of the personal data we hold about you. This is known as a subject access request (SAR). In line with legislation, we will not charge a fee for this information and will respond to your request within one month. This is unless this is not possible or deemed excessive, in which case we will contact you within the month of making the SAR.

Our members or anyone else we hold personal data about can also ask for information from other elements of local and national Scouting. The relevant Scout unit, as data controller in their own right, will be responsible for answering these requests. We are not legally responsible for SARs to any other part of Scouting.

11. Contact details

Ampthill and Woburn District Scout Council

To exercise all relevant rights, queries or complaints, please, in the first instance contact our Data Protection Lead at Ampthill & Woburn District Executive, using data@AmpthillandWoburnDistrictScouts.org.uk

The Scout Association

You can contact The Scout Association UKHQ Data Protection Officer using Enquiries.dpo@scouts.org.uk or The Scout Association, Legal Services, Gilwell Park, Chingford, London, E4 7QW.

The Information Commissioner

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

 

Version 1.1, 29/01/2020

 
Ampthill & Woburn District Scouts
co Ampthill & Woburn Campsite, Church End, Milton Bryan , Bedford, Bedfordshire, MK17 9HR
Material on this website has been reproduced by permission of The Scout Association

Website Powered by www.ScoutsOnline.co.uk © 2014