THE NEW GENERAL DATA PROTECTION REGULATIONS 2018
As a result of the above legislation data protection law in the UK will change on the 25 May 2018. Guidance has been provided by the Scout Association on what action is required to comply with the new law. How this change will affect Scouting in Stanmore & District is set out below.
Compliance with GDPR within the Stanmore & District will rest with individual Scout Groups and a letter to this effect was sent to the relevant Group Chairs, Secretaries and GSL’s on 11th May 2018.
The action to be implemented and subsequently managed by the District Executive will be in relation to the data collected and stored for the following individuals. The adult leaders at District level, members of the District Executive Committee, the District Executive Trustees, members of the Scout Network, members of the Explorer Scout Units (ESU), the administrative members of the ESU and members the Young Leader Training Scheme. All of whom who come within the District remit.
This privacy notice tells the members of the Stanmore & District referred to above what to expect when the District Executive collects, stores, uses, discloses and disposes of your personal information. Personal information is information that (on its own or together with other information) identifies you and is about you. It may include names, addresses and dates of birth.
To ensure that we process your personal information fairly and lawfully this notice informs you:
- Why we need your personal information
- How it will be used
- With whom it will be shared
- What rights you have in relation to the personal information we collect
There are instances where the District Executive is termed the ‘data controller’ when in relation to the District Executive Committee and Trustees and in respect of the Explorer Scout Units (ESU) and their administrators we decide what personal information is collected and how it is used. There are other instances where the District Executive uses information received from Scout Groups within the District, from their own data bases or through their use of ‘On Line Scout Manager’(OSM) and from the Scout Association (through Compass) where the District Executive is termed the ‘data processor’. In such circumstances our use of the data would be governed by these organisations.
OUR COMMITMENT TO YOUR PRIVACY
The Stanmore & District Executive recognises the importance of protecting personal and confidential information in all that we do and takes care to meet our legal duties. We put in place all reasonable technical, security and procedural controls to protect your personal information for the duration of its life, in what ever format we hold that information in.
HOW THE LAW PROTECTS YOU
Your privacy is protected by law which says that we can use your personal information only if we have a proper reason to do so. The reasons why the Stanmore & District Scout Executive may process your information are:
- When it is our legal duty
- When you have entered into a contract with us
- When you consent to it
Below is a list of ways that we may use your personal information.
All Executive Committee members are recorded on Compass. Personal data is extracted by the District Commissioner for use at District level and stored securely on his personal encrypted laptop. For those members of the District Executive who are also Trustees their details are forwarded to the Charity Commission.
All Adult Leaders, Scout Network members, administrators and occasional helpers within Stanmore & District are recorded on Compass. The personal data of all Explorer Scouts Units is held on OSM and paper formats are shredded following addition to the data base which the parents can manage. The details of those on Young Leader Training are recorded on Dropbox.
Personal data is extracted by the District Commissioner from all the above sources for use at District level in relation to the organising, running and management of various Scouting activities and stored securely on his personal encrypted laptop or in Dropbox.
Duke of Edinburgh Award Scheme (DofE) participants are held on the DofE database and their registration forms are sent to County who add them to their data base.
Many of the expeditions, camps or events at District level involve the collection of data in paper form, e.g. health forms. They are then shredded following the event they are used for unless a problem arose at the event when the documents must be retained until the matter is concluded.
No personal data is used for commercial purposes and is not circulated outside the Scouting community, except in cases of medical emergencies.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We will keep your personal information for as long as you are a member of the Stanmore and District Scouts. After you stop being a member we may keep your personal information for up to seven years for one of these reasons:
- To respond to questions or complaints
- To show that we treated you fairly
- To maintain records according to legal requirements
YOUR RIGHTS under the data protection legislation are as follows:
HOW TO GET A COPY OF YOUR PERSONAL INFORMATION
You can request a copy of your personal information as well as why we have that personal information, who has access to that personal information and where we got that personal information from at any time. Once we have received your request we will respond within 30 days.
A form for this purpose and the other requests listed below can be found on the Stanmore & District web site.
LETTING US KNOW IF YOUR PERSONAL INFORMATION NEEDS UPDATING
You have the right to question any information that we hold on you that you think is wrong, out of date or incomplete. If you do, we will take reasonable steps to check its accuracy and correct it. If you need to update your personal information you can do so by following the guidance shown in the penultimate paragraph on ‘How to contact our data protection officer’.
IF YOU WANT US TO STOP USING YOUR PERSONAL INFORMATION
You have the right to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and the ‘right to erasure’ (or ‘right to be forgotten’).
We may be able to restrict the use of your personal information so that it can only be used for certain things, such as legal claims or to exercise legal rights. In such situations we would not use or share your information in other ways whilst it is restricted.
You can ask us to restrict the use of your personal information if:
- It is not accurate
- It has been used unlawfully but you don’t want us to delete it
- It is not relevant any more, but you want us to keep it for use in legal claims; or
- You have already asked us to stop using your personal information, but you are waiting for us to assess your request and confirm whether we are permitted to continue using the personal information under data protection law.
If you want to object to how we use your personal information, or to ask us to restrict how we use it, please contact us by following the guidance shown in the penultimate paragraph on ‘How to contact our data protection officer’.
IF YOU WANT US TO ERASE YOUR PERSONAL INFORMATION
If you feel that we should no longer be using your personal information, or that we are illegally using your data, you can request that we erase the personal information we hold on you. When we receive your request, we will confirm whether your personal information has been deleted or tell you the reasons why it cannot be deleted. There may be legal reasons why we need to keep your personal information.
If you want to request that we erase your personal information, please contact us by following the guidance shown in the penultimate paragraph on ‘How to contact our data protection officer’.
OBTAINING YOUR PERSONAL INFORMATION IN A PORTABLE FORMAT
You have the right to get copies of your personal information from us in a format that can be easily re-used. You can also ask us to pass on your personal information to other organisations. To request this please contact us by following the guidance shown in the penultimate paragraph on ‘How to contact our data protection officer’.
HOW TO CONTACT OUR DATA PROTECTION OFFICER
If you have any questions about this privacy notice or our processing of information, if you wish to raise a complaint on how we have handled your personal information, or if you wish to exercise any of the rights set out in this privacy notice please contact the Stanmore & District Scout Commissioner at firstname.lastname@example.org or the Chair of the Stanmore & District Scout Council at email@example.com
YOUR RIGHT TO COMPLAIN
If you are not satisfied with our response or believe that we are not processing your personal information in accordance with the law, you can complain to the Information Commissioners Office (ICO) by emailing firstname.lastname@example.org or telephoning 0303 123 1113.
Chair of District Executive Committee
18 May 2018