Welcome to the new look Cotswold Scouts – we are currently building new content for the site, we will go fully live when this is completed.
Check back for when we go live!
This Data Privacy Notice describes the categories of personal data we process and for what purposes. We are committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR).
This Privacy Notice applies to Employees, Contractors, Suppliers, Members and Other volunteers, Supporters, Donors and Funders of Cotswold District Scouts.
Who are we?
Cotswold District Scouts is a youth charity. Our mission is to actively engage and support young people in their personal development, empowering them to make a positive contribution to society. We are incorporated by royal charter and are regulated as a member of the UK The Scout Association, (see www.scouts.org.uk for more information.) We are an exempted charity with the UK Charity Commission.
Every year we hold an annual general meeting where members of the charity executive committee (our board of trustees), are appointed or elected.
We are based in Cirencester, Gloucestershire, and the surrounding areas and support the development and growth of Scouting across the area. Our main activities are to provide support to the Groups that comprise the Cotswold Scout District. This support either being practical such as the provision of training courses, provision of events, or personal support to members. We also run a number of activity groups that provide adventurous activities for our members.
Our County Executive Committee is the data controller for the information we collect from you. Any personal data that we collect will only be used in support of our aim to develop and grow Scouting across the Cotswold area. This will include the provision of Scouting meetings, activities, training courses and events for our members and other volunteers in the Cotswold District Scouting area and through our relationship with supporters, donors, and funders.
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
We may collect the following personal information:
- Personal contact details such as name, title, address, telephone numbers and personal email address
- Date of birth
- Additional and special needs (including dietary needs)
- Emergency contact information
- Marital/civil partnership status and dependants
- Government identification numbers [(e.g. social security, national insurance, driving licence, passport)]
- Bank account details, payroll information and tax status information
- Training records
- Race or ethnic origin
- Health records
- Criminal records checks
How we gather personal information
The majority of the personal information we hold is provided to us directly by you or by the parents or legal guardians of youth members verbally or in paper form, digital form, or via our online membership system Compass. In the case of adult members and volunteers, data may also be provided by third-party reference agencies, such as the Disclosure and Barring Service (DBS).
Where a member is under the age of 18, this information will only be obtained from a parent or guardian and cannot be provided by the young person.
How do we process your personal data?
We comply with our obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access, and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use personal data for the following purposes: –
- to provide information about Scouting meetings, activities, training courses and events to our members and other volunteers in the Cotswold District Scouting area
- for the protection of a person’s health and safety whilst in the care of the Scout Group
- to respect a person’s religious beliefs with regards to activities, food and holidays
- to provide a voluntary service for the benefit of the public in a particular geographical area as specified in our constitution
- To administer membership records
- To fundraise and promote the interests of the Scout District
- To manage our volunteers
- To maintain our own accounts and records (including the processing of gift aid applications)
- To inform you of news, events, activities, and services being run or attended by Cotswold District Scouts
- To ensure and evidence your suitability for your role
- For equal opportunity monitoring and reporting
- To contact your next of kin in the event of an emergency
- To ensure you have and maintain the correct qualifications and skills
What is the legal basis for processing your/your child(ren)’s personal data?
We only use your personal information where that is permitted by the laws that protect your privacy rights. We only use personal information where:
a) We need to use the information to comply with our legal obligations
b) We need to perform any agreement we have entered into with you
c) We need to use the information to contact you regarding meetings, events, collection of membership fees, etc, (i.e. for the day to day running of the District.
d) it is fair to use the personal information in your interests, where there is no disadvantage to you – this can include where it is in our interests to contact you about products or services within Scouting.
e) The processing is necessary for the person’s legitimate interests or the legitimate interests of Cotswold District Scouts unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
Please note that we may process your personal information without your knowledge or consent where this is required or permitted by law.
Data protection legislation identifies certain “special categories” of data, including information about race or ethnicity, religious beliefs, sexual orientation, medical conditions, and criminal convictions. We may use such information in the following ways:
- we may use information about your physical or mental health, or disability status, to ensure your health and safety, and to provide appropriate adjustments
- we may use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting
- we will usually only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally permitted to do so
- Where appropriate, we may collect information about criminal convictions as part of the recruitment process or we may be notified of such information directly by you or others in the course of you working for us
How we store personal data
We generally store personal information in one of two secure digital online database systems, where access to that data is restricted and controlled.
- Compass: – is the online membership system of The Scout Association, this system is used for the collection and storage of adult personal data.
- Online Scout Manager is an online membership system run by Online Youth Manager Ltd, this is a secure membership database where we store the personal information of adults and youth members for the day to day running of District activities.
In addition, we hold some personal data on local spreadsheets/databases to which access is restricted and controlled through password protection.
Printed records and Event data
Paper is still used to capture and retain some data, for example, the following: –
- Registration by Youth Members for the D of E scheme
- Registration for Training Courses
- Events consent from parents
- Health and contact records forms (for events)
- Events coordination with event organisers
- Award notifications/nominations
Throughout the year the District may run a number of activities/events. Where it is necessary to fulfill our legal obligations we will be required to potentially have a less secure means to access personal information, such as printouts of personal contacts and medical information, (including specific event contact forms), rather than relying on secure digital systems, as often the events are held where internet and digital access will not be available. We will minimise the use of paper to only what is required for the event/camp.
We will ensure:
a) Transfer of paper is secure, such as physical hand to hand transfer or registered post
b) Paper forms are securely destroyed after use
c) Secure destruction will be through a shredding machine or securely burned
d) Always keeping the paper records secure
e) If transferred to somebody, we will audit that they return them when the event is complete
Sometimes we may nominate a member for a national award, (such as Queens Scout or Duke of Edinburgh awards), such nominations would require we provide contact details to the awarding organisation, this is most often done on paper via signed for post.
Sharing and transferring personal information
We will only normally share personal information with adults holding a District appointment including District Executive Members or individuals running a District event.
We will, however, share your personal information with others outside our Scout District where we need to meet or enforce a legal obligation, this may include The Scout Association and its insurance subsidiary “Unity”, local authority services, and law enforcement. We will only share your personal information to the extent needed for those purposes.
We will never sell your personal information to any third party for the purposes of marketing.
Your personal data will be treated as strictly confidential. We will only share your data with third parties outside of the organisation where there is a legitimate reason to do so. Where possible we will take steps to anonymise the data we provide (i.e. collective reporting on gender, ethnicity, age, etc.).
Where personal data is shared with third parties we will seek assurances that your personal data will be kept confidential and that the third party fully complies with the General Data Protection Regulations (GDPR).
Third Party Data Processors
Cotswold District Scouts engages the services of the following third-party data processors: –
- The Scout Association via its adult membership system “Compass” which is used to record the personal information of leaders, adults, and parents who have undergone a Disclosure and Barring Service ( DBS) check.
- Online Youth Manager Ltd (Online Scout Manager) which is used to record personal information, badge records, event and attendance records, etc. We have a data processing agreement in place with online youth manager, more information is available at www.onlinescoutmanager.co.uk/security.php
- Microsoft’s Office 365 suite of products are used to manage our email and data storage. Where possible these systems are used for secure transfer of limited personal information for events.
Our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Automated decision making
Cotswold District Scouts does not have any automated decision-making systems
Transfers outside the UK
Cotswold District Scouts will not transfer your personal information outside of the UK, with the exception where an Event is taking place outside of the UK and it is necessary to provide personal information to comply with our legal obligations, although generally, such an event will have its own data collection form which will be securely held and disposed of after the event.
How do we protect personal data?
We take appropriate measures to ensure that the information disclosed to us is kept secure, accurate, and up to date and kept only for as long as necessary for the purpose for which it is used.
How long do we keep your personal data?
We will retain your personal information, throughout the time you/your child(ren) are a member of Cotswold District Scouts or are partaking in an activity being run or attended by Gloucestershire County Scouts
We will retain your full personal information for a period of one year after you have left Cotswold District Scouts. Information on The Scout Association’s membership database, Compass, may be held for longer and any queries for this should be directed to The Scout Association.
Personal data collected in support of an event/activity will be destroyed within one month of the event/activity taking place
Your rights and your personal data
You have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete, and restrict the personal information we use. In addition, you have a right to complain to us and to the data protection regulator.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –
- The right to be informed – you have a right to know how your data will be used by our District.
- The right to access your personal data – you can ask us to share with you the data they have about you.
- The right to rectification – this just means you can update your data if it’s inaccurate or if something is missing. You can view and edit your personal information directly on our online membership systems Online Scout Manager and Compass.
- The right to erasure – this means that you have the right to request that we delete any personal data they have about you. There are some exceptions, for example, some information can be held for legal reasons.
- The right to restrict processing – if you think there’s something wrong with the data being held about you, or you aren’t sure if we are complying with the rules, you can restrict any further use of your data until the problem is resolved.
- The right to data portability – this means that if you ask us we will have to share your data with you in a way that can be read digitally – such as a pdf.
- This makes it easier to share information with others.
- The right to object – you can object to the ways your data is being used. This should make it easier to avoid unwanted marketing communications and spam from third parties.
- Rights in relation to automated decision making and profiling – this protects you in cases where decisions are being made about you based entirely on automated processes rather than a human input.
Please contact our Data Protection Lead for more information, in the first instance.
Whether or not you exercise your new rights is up to you – the main thing to remember is that they’re there if you need them.
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
To exercise all relevant rights, queries of complaints please in the first instance contact our Data Protection Lead via our District Executive at firstname.lastname@example.org.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.