General Data Privacy Notice

2nd Penrith Scout Group

Our Privacy and Fair Processing Notice describes the categories of personal data we process and for what purposes. We are committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR).

2. Who are we?

Our Scout Group, 2nd Penrith Scout Group, is a youth charity. Our mission is to actively engage and support young people in their personal development, empowering them to make a positive contribution to society. We are incorporated by royal charter and are regulated as a member of the UK The Scout Association, (see www.scouts.org.uk for more information.) As part of The Scout Association we are not required to be individually registered with the UK Charity Commission.

Every year in June we hold an annual general meeting where members of the charity executive committee (our trustees), are elected, any parent of a youth members can decide to be in the executive at the AGM and every parent has the right to attend the Annual General Meeting.

We are based at The Scout Hut, Folly Lane, Penrith, Cumbria CA11 8BT.

Our Group Executive Committee is the data controller for the information we collect from you. Any personal data that we collect will only be in relation to the work we do with our members and through our relationship with supporters, donors and funders.

Our website address is: https://2ndpenrithscouts.org.uk

1. Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in our Scout Group’s (the data controller’s), possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

How we gather personal information

Much of the personal information we hold, is provided to us directly by yourself or by parents / legal guardian in either paper form, email, text message, telephone call or via our online membership systems, in the case of an adult member, data may also be provided by third party reference agencies, such as the Disclosure and Barring Service (DBS).

Where a member is under the age of 18, this information will be obtained from a parent / guardian and should not be provided by the young person.

3. How do we process your personal data?

We comply with our obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We process the data to have the ability to contact the member, parents and guardians, to inform them of meetings, events that the group itself may be running or attending.

We use personal data for the following purposes: –

  • we collect personal and medical information for the protection of that person whilst in the care of the Scout Group
  • we collect religious data to respect a person’s beliefs with regards to activities, food and holidays
  • To enable us to provide a voluntary service for the benefit of the public in a particular geographical area as specified in our constitution
  • To administer membership records
  • To fundraise and promote the interests of the Scout Group
  • To manage our volunteers
  • To maintain our own accounts and records (including the processing of gift aid applications);
  • To inform you of news, events, activities and services running at 2nd Penrith Scout Group

4. What is the legal basis for processing your/your child(ren)’s personal data?

We only use your personal information where that is permitted by the laws that protect your privacy rights. We only use personal information where:

  1. We need to use the information to comply with our legal obligations
  2. We need to use the information to contact with you, regarding meetings, events, collection of membership fee’s etc, (i.e. for the day to day running of the group)
  3. it is fair to use the personal information in your interests, where there is no disadvantage to you – this can include where it is in our interests to contact you about products or services within scouting.
  4. The processing is necessary for the persons legitimate interests or the legitimate interests of our Scout Group unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

5. How we store personal data

Data description Personal data included Stored using Retention policy
Information about our members;   to ensure we can provide safe and effective activities and communication Contact information: Name, date of birth, gender, address, telephone numbers, email of the member and parents/carersBadge and activity records SENSITIVE PERSONAL DATA regarding religion, additional needs, disabilities, ethnicity medical information and commission of offences or alleged offences Online Scout ManagerSpreadsheets and Word processing documents (mobile, computer, online secure storage)Office 365 Retained for 7 years, or until their 21st birthday, whichever is later, to fulfil our legal obligations.
by UK Scout Association. See http://scouts.org.uk/privacy 2 years after membership ceases (to support continuity should the person reapply for membership)
Information about Safeguarding incidents;   to ensure the safety of our members and fulfil legal obligations Contact information and information regarding the nature of any allegation, the status and outcome of the investigation PaperGroup, District and County emailElectronic Files (mobile, computer, online secure storage) Indefinitely, to fulfill our legal obligations
Information about accidents and near misses;   to ensure the safety of our members and fulfil legal obligations Contact details and nature of accident Office 365Group, District and County emailsBy the UK Scout Association 7 years, or until their 21st birthday, whichever is later, to fulfill our legal obligations
Information about our event attendees;   to ensure we can provide safe and effective activities and communication T-Shirt size of each participant Bespoke event booking system Online Scout Manager 7 years, or until their 21st birthday, whichever is later.   Aggregated summary statistics indefinitely.
Contact details, next of kin information, medical conditions and special diets.   (Includes sensitive data, as defined) Paper forms Online Scout ManagerShared with event organisers Paper forms destroyed after the event, except in cases of accident/incident (see above).   Electronic data: 7 years, or until their 21st birthday, whichever is later.
Information about general enquirers;   To ensure that we can respond to the enquiry effectively Contact information and nature of  enquiry, which may contain personal data Online Scout ManagerSpreadsheets and Word processing documentsOffice 365Email systemOur website (See website privacy notice) Electronic data: 7 years, or until their 21st birthday, whichever is later.
Information about complainants;   To ensure that we can respond to the enquiry effectively Contact information and nature of complaint, which may contain personal data Online Scout ManagerSpreadsheets and Word processing documentsOffice 365Email system Indefinitely
Bank details of our members, family members  and our suppliers;   To ensure we can receive payments and pay monies efficiently Contact information Sort-code and account number Online Scout ManagerSpreadsheets and Word processing documentsOffice 365GoCardlessEmail system 7 years, or until their 21st birthday, whichever is later.   Third parties: Merchant’s policy

We are committed to the protection of your personal information.

We generally store personal information in one of two secure digital online database systems, where access to that data is restricted and controlled. These are accessed using Group-owned electronic equipment and on volunteers personal mobile and personal computers.

Compass: – is the online membership system of The Scout Association, this system is used for the collection and storage of Adult personal data.

Online Scout Manager is an online membership system run by Online Youth Manager Ltd, this is a secure membership database where we store the personal information of Adults and Youth members for the day to day running of the group.

Printed records and Event data

Paper is still used within the sections to capture and retain some data for example the following: –

  • New joiners form.
  • Health and contact records update forms
  • Gift Aid Collection forms
  • Events consent from parents
  • Events coordination with event organisers
  • Award notifications/nominations

In the case of Joining forms, Health and contact update forms, this information is securely held by the leader or waiting list manager, and transferred to our secure digital systems as soon as possible. Paper forms are destroyed when they are no longer required.

Gift Aid collection forms, will be securely held by the Groups Treasurer to aid in the collection of Gift Aid for monthly membership fee’s, we have a legal obligation to retain this information for 7 years after our last claim.

Events

As a member of 2nd Penrith Scout Group it is hoped you will take up the opportunity to attend events and camps, where is necessary to fulfil our legal obligations we will be required to potentially have a less secure means to access personal information, such as printouts of personal contacts and medical information, (including specific event contact forms), rather than relying on secure digital systems, as often the events are held where internet and digital access will not be available. We will minimise the use of paper to only what is required for the event/camp.

We will ensure:

  1. Transfer of paper is secure, such as physical hand to hand transfer or registered post.
  2. Paper forms are securely destroyed after use.
  3. Secure destruction will be through a shredding machine or securely burned.
  4. Always keeping the paper records secure, especially when in transit, by using:
    1. A lockable brief case.
    1. A lockable filing cabinet if long term stored.
  5. If transferred to somebody, we will audit that they return them when the event is complete.

Awards

Sometimes we may nominate a member for national award, (such as Queens Scout or Duke of Edinburgh award), such nominations would require we provide contact details to the awarding organisation, this is most often done on paper via registered post.

6. Sharing and transferring personal Information

We will only normally share personal information within our Scout Group leaders and executive members.

We will however share your personal information with others outside our Scout Group where we need meet or enforce a legal obligation, this may include, Eden Scout District, Cumbria Scout County, The Scout Association and its insurance subsidiary “Unity”, local authority services and law enforcement. We will only share your personal information to the extent needed for those purposes.

If you move to another Scout Group or Explorer Scout Unit we will transfer your personal information to them.

We will never sell your personal information to any third party for the purposes of marketing.

Sometimes we may nominate a member for national award, (such as Scouting or Duke of Edinburgh award) such nominations would require we provide contact details to that organisation.

Your personal data will be treated as strictly confidential.  We will only share your data with third parties outside of the organisation where there is a legitimate reason to do so. We will take steps to anonymise the data we provide (i.e. collective reporting on gender, ethnicity, age, etc.).  If identifiable data is to be shared we will seek your consent.

Third Party Data Processors

2nd Penrith Scout Group employs the services of the following third-party data processors: –

  • The Scout Association via its adult membership system “Compass” which is used to record the personal information of leaders, adults and parents who have undergone a Disclosure and Barring Service ( DBS) check. See their privacy notice at: https://scouts.org.uk/privacy
  • Online Youth Manager Ltd (Online Scout Manager) which is used to record the personal information, badge records, event and attendance records etc, we have a data processing agreement in place with online youth manager, more information is available at https://www.onlinescoutmanager.co.uk/security.php
  • Google occasionally used for secure transfer of limited personal information for events. See https://policies.google.com/privacy

Email Systems:

  • We use Office 365 for email accounts and Office 365, Online Scout Manager and TSOHost for storage of personal data. All email addresses using @2ndpenrithscouts.org.uk are covered by this service.
  • Office 365, provided by Microsoft, has extensive expertise in protecting data, championing privacy, and complying with complex regulations, and currently complies with both EU-U.S. Privacy Shield and EU Model Clauses. They believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. They are committed to GDPR compliance across their cloud services, and provide GDPR related assurances in their contractual commitments.

Website Hosting

  • Our website is hosted by TSOHost within a UK data centre located just outside London, in Slough. See https://www.tsohost.com/legal/privacy-policy for more details.
  • Located in the same facility as their UK office, their 9,300 sq ft data hall uses 3m perimeter fencing, 25+ CCTV cameras, 24×7 personnel and electronic access control systems to safeguard their data hall from unauthorised access.

 

Automated decision making

2nd Penrith Scout Group does not have any automated decision-making systems.

 

Transfers outside the UK

2nd Penrith Scouts will not transfer your personal information outside of the UK, with the exception where an Event is taking place outside of the UK and it is necessary to provide personal information to comply with our legal obligations, although generally such an event will have its own data collection form which will be securely held and disposed of after the event.

7. How do we protect personal data?

We take appropriate measures to ensure that the information discussed to us is kept secure, accurate and up to date and kept only for as long as necessary for the purpose for which it is used.

8. How long do we keep your personal data?

We will retain your personal information, throughout the time you/your child(ren) are a member of 2nd Penrith Scout Group.

We will retain your full personal information for a period of up to 7 years (or until the age 21, whichever is later) after you have left 2nd Penrith Scout Group to fulfil our legal obligations for insurance and legal claims.

We will also keep any Gift Aid Claim information for the statutory 7 years as required by HMRC (which may be beyond age 21)

9. Your rights and your personal data 

You have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use. In addition, you have a right to complain to us and to the data protection regulator.

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

  • The right to be informed – you have a right to know how your data will be used by our Scout Group.
  • The right to access your personal data – you can ask us to share with you the data they have about you!
  • The right to rectification – this just means you can update your data if it’s inaccurate or if something is missing. You can view and edit your personal information directly on our online membership systems Online Scout Manager and Compass.
  • The right to erasure – this means that you have the right to request that we delete any personal data they have about you. There are some exceptions, for example, some information can be held for legal reasons.
  • The right to restrict processing – if you think there’s something wrong with the data being held about you, or you aren’t sure if we are complying to rules, you can restrict any further use of your data until the problem is resolved.
  • The right to data portability – this means that if you ask us we will have to share your data with you in a way that can be read digitally – such as a pdf. This makes it easier to share information with others.
  • The right to object – you can object to the ways your data is being used. This should make it easier to avoid unwanted marketing communications and spam from third parties.
  • Rights in relation to automated decision making and profiling – this protects you in cases where decision are being made about you based entirely on automated processes rather than a human input.

Please contact the Group Scout Leader for more information, in the first instance.

Whether or not you exercise your new rights is up to you – the main thing to remember is that they’re there if you need them.

10. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

11. Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact our Data Protection Lead at groupleader@2ndpenrithscouts.org.uk or telephone 03333 393710

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Reviewed:  28/07/18

Data Privacy Notice

2nd Penrith Scout Group

Our Privacy and Fair Processing Notice describes the categories of personal data we process and for what purposes. We are committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR).

2. Who are we?

Our Scout Group, 2nd Penrith Scout Group, is a youth charity. Our mission is to actively engage and support young people in their personal development, empowering them to make a positive contribution to society. We are incorporated by royal charter and are regulated as a member of the UK The Scout Association, (see www.scouts.org.uk for more information.) As part of The Scout Association we are not required to be individually registered with the UK Charity Commission.

Every year in June we hold an annual general meeting where members of the charity executive committee (our trustees), are elected, any parent of a youth members can decide to be in the executive at the AGM and every parent has the right to attend the Annual General Meeting.

We are based at The Scout Hut, Folly Lane, Penrith, Cumbria CA11 8BT.

Our Group Executive Committee is the data controller for the information we collect from you. Any personal data that we collect will only be in relation to the work we do with our members and through our relationship with supporters, donors and funders.

Our website address is: https://2ndpenrithscouts.org.uk

1. Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in our Scout Group’s (the data controller’s), possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

How we gather personal information

Much of the personal information we hold, is provided to us directly by yourself or by parents / legal guardian in either paper form, email, text message, telephone call or via our online membership systems, in the case of an adult member, data may also be provided by third party reference agencies, such as the Disclosure and Barring Service (DBS).

Where a member is under the age of 18, this information will be obtained from a parent / guardian and should not be provided by the young person.

3. How do we process your personal data?

We comply with our obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We process the data to have the ability to contact the member, parents and guardians, to inform them of meetings, events that the group itself may be running or attending.

We use personal data for the following purposes: –

  • we collect personal and medical information for the protection of that person whilst in the care of the Scout Group
  • we collect religious data to respect a person’s beliefs with regards to activities, food and holidays
  • To enable us to provide a voluntary service for the benefit of the public in a particular geographical area as specified in our constitution
  • To administer membership records
  • To fundraise and promote the interests of the Scout Group
  • To manage our volunteers
  • To maintain our own accounts and records (including the processing of gift aid applications);
  • To inform you of news, events, activities and services running at 2nd Penrith Scout Group

4. What is the legal basis for processing your/your child(ren)’s personal data?

We only use your personal information where that is permitted by the laws that protect your privacy rights. We only use personal information where:

  1. We need to use the information to comply with our legal obligations
  2. We need to use the information to contact with you, regarding meetings, events, collection of membership fee’s etc, (i.e. for the day to day running of the group)
  3. it is fair to use the personal information in your interests, where there is no disadvantage to you – this can include where it is in our interests to contact you about products or services within scouting.
  4. The processing is necessary for the persons legitimate interests or the legitimate interests of our Scout Group unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

5. How we store personal data

Data description Personal data included Stored using Retention policy
Information about our members;   to ensure we can provide safe and effective activities and communication Contact information: Name, date of birth, gender, address, telephone numbers, email of the member and parents/carersBadge and activity records SENSITIVE PERSONAL DATA regarding religion, additional needs, disabilities, ethnicity medical information and commission of offences or alleged offences Online Scout ManagerSpreadsheets and Word processing documents (mobile, computer, online secure storage)Office 365 Retained for 7 years, or until their 21st birthday, whichever is later, to fulfil our legal obligations.
by UK Scout Association. See http://scouts.org.uk/privacy 2 years after membership ceases (to support continuity should the person reapply for membership)
Information about Safeguarding incidents;   to ensure the safety of our members and fulfil legal obligations Contact information and information regarding the nature of any allegation, the status and outcome of the investigation PaperGroup, District and County emailElectronic Files (mobile, computer, online secure storage) Indefinitely, to fulfill our legal obligations
Information about accidents and near misses;   to ensure the safety of our members and fulfil legal obligations Contact details and nature of accident Office 365Group, District and County emailsBy the UK Scout Association 7 years, or until their 21st birthday, whichever is later, to fulfill our legal obligations
Information about our event attendees;   to ensure we can provide safe and effective activities and communication T-Shirt size of each participant Bespoke event booking system Online Scout Manager 7 years, or until their 21st birthday, whichever is later.   Aggregated summary statistics indefinitely.
Contact details, next of kin information, medical conditions and special diets.   (Includes sensitive data, as defined) Paper forms Online Scout ManagerShared with event organisers Paper forms destroyed after the event, except in cases of accident/incident (see above).   Electronic data: 7 years, or until their 21st birthday, whichever is later.
Information about general enquirers;   To ensure that we can respond to the enquiry effectively Contact information and nature of  enquiry, which may contain personal data Online Scout ManagerSpreadsheets and Word processing documentsOffice 365Email systemOur website (See website privacy notice) Electronic data: 7 years, or until their 21st birthday, whichever is later.
Information about complainants;   To ensure that we can respond to the enquiry effectively Contact information and nature of complaint, which may contain personal data Online Scout ManagerSpreadsheets and Word processing documentsOffice 365Email system Indefinitely
Bank details of our members, family members  and our suppliers;   To ensure we can receive payments and pay monies efficiently Contact information Sort-code and account number Online Scout ManagerSpreadsheets and Word processing documentsOffice 365GoCardlessEmail system 7 years, or until their 21st birthday, whichever is later.   Third parties: Merchant’s policy

We are committed to the protection of your personal information.

We generally store personal information in one of two secure digital online database systems, where access to that data is restricted and controlled. These are accessed using Group-owned electronic equipment and on volunteers personal mobile and personal computers.

Compass: – is the online membership system of The Scout Association, this system is used for the collection and storage of Adult personal data.

Online Scout Manager is an online membership system run by Online Youth Manager Ltd, this is a secure membership database where we store the personal information of Adults and Youth members for the day to day running of the group.

Printed records and Event data

Paper is still used within the sections to capture and retain some data for example the following: –

  • New joiners form.
  • Health and contact records update forms
  • Gift Aid Collection forms
  • Events consent from parents
  • Events coordination with event organisers
  • Award notifications/nominations

In the case of Joining forms, Health and contact update forms, this information is securely held by the leader or waiting list manager, and transferred to our secure digital systems as soon as possible. Paper forms are destroyed when they are no longer required.

Gift Aid collection forms, will be securely held by the Groups Treasurer to aid in the collection of Gift Aid for monthly membership fee’s, we have a legal obligation to retain this information for 7 years after our last claim.

Events

As a member of 2nd Penrith Scout Group it is hoped you will take up the opportunity to attend events and camps, where is necessary to fulfil our legal obligations we will be required to potentially have a less secure means to access personal information, such as printouts of personal contacts and medical information, (including specific event contact forms), rather than relying on secure digital systems, as often the events are held where internet and digital access will not be available. We will minimise the use of paper to only what is required for the event/camp.

We will ensure:

  1. Transfer of paper is secure, such as physical hand to hand transfer or registered post.
  2. Paper forms are securely destroyed after use.
  3. Secure destruction will be through a shredding machine or securely burned.
  4. Always keeping the paper records secure, especially when in transit, by using:
    1. A lockable brief case.
    1. A lockable filing cabinet if long term stored.
  5. If transferred to somebody, we will audit that they return them when the event is complete.

Awards

Sometimes we may nominate a member for national award, (such as Queens Scout or Duke of Edinburgh award), such nominations would require we provide contact details to the awarding organisation, this is most often done on paper via registered post.

6. Sharing and transferring personal Information

We will only normally share personal information within our Scout Group leaders and executive members.

We will however share your personal information with others outside our Scout Group where we need meet or enforce a legal obligation, this may include, Eden Scout District, Cumbria Scout County, The Scout Association and its insurance subsidiary “Unity”, local authority services and law enforcement. We will only share your personal information to the extent needed for those purposes.

If you move to another Scout Group or Explorer Scout Unit we will transfer your personal information to them.

We will never sell your personal information to any third party for the purposes of marketing.

Sometimes we may nominate a member for national award, (such as Scouting or Duke of Edinburgh award) such nominations would require we provide contact details to that organisation.

Your personal data will be treated as strictly confidential.  We will only share your data with third parties outside of the organisation where there is a legitimate reason to do so. We will take steps to anonymise the data we provide (i.e. collective reporting on gender, ethnicity, age, etc.).  If identifiable data is to be shared we will seek your consent.

Third Party Data Processors

2nd Penrith Scout Group employs the services of the following third-party data processors: –

  • The Scout Association via its adult membership system “Compass” which is used to record the personal information of leaders, adults and parents who have undergone a Disclosure and Barring Service ( DBS) check. See their privacy notice at: https://scouts.org.uk/privacy
  • Online Youth Manager Ltd (Online Scout Manager) which is used to record the personal information, badge records, event and attendance records etc, we have a data processing agreement in place with online youth manager, more information is available at https://www.onlinescoutmanager.co.uk/security.php
  • Google occasionally used for secure transfer of limited personal information for events. See https://policies.google.com/privacy

Email Systems:

  • We use Office 365 for email accounts and Office 365, Online Scout Manager and TSOHost for storage of personal data. All email addresses using @2ndpenrithscouts.org.uk are covered by this service.
  • Office 365, provided by Microsoft, has extensive expertise in protecting data, championing privacy, and complying with complex regulations, and currently complies with both EU-U.S. Privacy Shield and EU Model Clauses. They believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. They are committed to GDPR compliance across their cloud services, and provide GDPR related assurances in their contractual commitments.

Website Hosting

  • Our website is hosted by TSOHost within a UK data centre located just outside London, in Slough. See https://www.tsohost.com/legal/privacy-policy for more details.
  • Located in the same facility as their UK office, their 9,300 sq ft data hall uses 3m perimeter fencing, 25+ CCTV cameras, 24×7 personnel and electronic access control systems to safeguard their data hall from unauthorised access.

 

Automated decision making

2nd Penrith Scout Group does not have any automated decision-making systems.

 

Transfers outside the UK

2nd Penrith Scouts will not transfer your personal information outside of the UK, with the exception where an Event is taking place outside of the UK and it is necessary to provide personal information to comply with our legal obligations, although generally such an event will have its own data collection form which will be securely held and disposed of after the event.

7. How do we protect personal data?

We take appropriate measures to ensure that the information discussed to us is kept secure, accurate and up to date and kept only for as long as necessary for the purpose for which it is used.

8. How long do we keep your personal data?

We will retain your personal information, throughout the time you/your child(ren) are a member of 2nd Penrith Scout Group.

We will retain your full personal information for a period of up to 7 years (or until the age 21, whichever is later) after you have left 2nd Penrith Scout Group to fulfil our legal obligations for insurance and legal claims.

We will also keep any Gift Aid Claim information for the statutory 7 years as required by HMRC (which may be beyond age 21)

9. Your rights and your personal data 

You have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use. In addition, you have a right to complain to us and to the data protection regulator.

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

  • The right to be informed – you have a right to know how your data will be used by our Scout Group.
  • The right to access your personal data – you can ask us to share with you the data they have about you!
  • The right to rectification – this just means you can update your data if it’s inaccurate or if something is missing. You can view and edit your personal information directly on our online membership systems Online Scout Manager and Compass.
  • The right to erasure – this means that you have the right to request that we delete any personal data they have about you. There are some exceptions, for example, some information can be held for legal reasons.
  • The right to restrict processing – if you think there’s something wrong with the data being held about you, or you aren’t sure if we are complying to rules, you can restrict any further use of your data until the problem is resolved.
  • The right to data portability – this means that if you ask us we will have to share your data with you in a way that can be read digitally – such as a pdf. This makes it easier to share information with others.
  • The right to object – you can object to the ways your data is being used. This should make it easier to avoid unwanted marketing communications and spam from third parties.
  • Rights in relation to automated decision making and profiling – this protects you in cases where decision are being made about you based entirely on automated processes rather than a human input.

Please contact the Group Scout Leader for more information, in the first instance.

Whether or not you exercise your new rights is up to you – the main thing to remember is that they’re there if you need them.

10. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

11. Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact our Data Protection Lead at groupleader@2ndpenrithscouts.org.uk or telephone 03333 393710

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Reviewed:  28/07/18