This document describes how we collect and use data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR).
What personal data do we collect and why?
“We” (Batchworth Sea Scouts) collect personal data about Youth Members of Batchworth Sea Scouts from their Parents or Guardians (including name, DOB, address, medical conditions, emergency contact details, attendance records, etc.) to allow our Leaders to:
• contact Parents and Guardians in relation to group activities and events (including fundraising events),
• contact Parents or other nominated contacts in the event of an emergency,
• obtain consent for and conduct activities in a safe and respectful manner, and
• maintain participation records and award badges.
We may use photos of Youth Members for Batchworth publicity and communication purposes (e.g. on our website), but do not publish individual Youth Members’ names alongside such photos.
We collect personal data about prospective Youth Members of Batchworth Sea Scouts from their Parents or Guardians for our waiting list (e.g. name, DOB, address).
We periodically ask Parents or Guardians to update the personal data we hold about Youth Members to ensure our information remains correct and to gain their consent to use this data.
We collect personal data about Parents for Gift Aid purposes.
We collect personal data about Adult Volunteers to support ongoing management of DBS checks and qualifications which are required to ensure our safeguarding responsibilities.
We retain data about Batchworth Sea Scouts alumni in order to remain in touch with them, to create a sense of community and encourage volunteers to support the group.
Where is this data stored?
This information may be kept in paper or electronic form.
We use Online Scout Manager (OSM) to securely store and maintain our Youth Member and Adult Volunteer records, to communicate with Parents/Guardians, and to conduct an annual census on behalf of the Scout Association. All OSM data is held in the EU.
Leaders may also store Youth Member and Parent/Guardian information on their password-protected personal computers or other electronic devices.
Personal information for Adult Volunteers is stored in the Scout Association’s Compass database.
We also use other secure cloud-based document storage platforms (e.g. DropBox, Google, Office 365, MailChimp, etc.) which store data securely but in some cases outside the EU.
Who uses this data?
We will only normally share personal information within our Scout Group leaders and executive members.
Any personal information received from Parents will be retained by Batchworth Sea Scouts and not sold, transferred or otherwise disclosed to any third party, unless such disclosure is required by law.
How long is the data kept?
We retain Youth Member personal information throughout the time Youth Members are members of Batchworth Sea Scouts.
We retain full Youth Member personal information for a period of one year after the Youth Member has left Batchworth Sea Scouts and retain more limited information (just name, badge and attendance records) for a period of up to 15 years (or until the age 21) to fulfil our legal obligations for insurance and legal claims.
We also retain any Gift Aid Claim information for the statutory seven years as required by HMRC (which may be beyond age 21).
We may retain Parents’ and Adult Volunteers’ contact details after a Youth Member has left in order to contact them for future alumni and fundraising activities.
Paper copies of information are securely destroyed (e.g. shredded) when no longer required.
How do we use Social Media?
We make use of social media in accordance with Scout Association guidance, which you will find here: http://members.scouts.org.uk/factsheets/FS103011.pdf.
Want to know more?
You may contact Batchworth Sea Scouts with any data privacy queries via email at firstname.lastname@example.org.
For GDPR purposes, our Group Executive Committee is the data controller for the information we collect about our members and volunteers. As data controllers, the Group Executive Committee is also responsible for handling of data breaches.
You have a number of rights under GDPR legislation, which you will find on the Information Commissioner’s Office website, here: https://ico.org.uk.