Data Protection Policy
This data protection policy sets out what Suffolk Scouts does with personal data and what you can expect from us as part of our obligations when processing such data.
For the purposes of this document the definition of ‘County’ or ‘We’ means Suffolk County Scout Council, a registered charity with number 305682. The headquarters for which are located at the following address: 143 Cauldwell Hall Road, Ipswich, Suffolk, IP4 5BS.
Any queries regarding this policy, or to exercise any of your rights please contact the ‘Data Controller’ at the above address or via email at [email protected].
2. Data Controllers
The appointed data controllers for the County are as follows:
- County Commissioner
- County Administrator
A data protection officer has not been appointed, the data controllers will undertake these duties.
3. What is personal data?
Personal data means any information about an identified or identifiable person. For example, an individual’s home address, personal (home and mobile) phone numbers and email addresses, occupation, and so on can all be defined as personal data.
Some categories of personal data are recognised as being particularly sensitive (“sensitive personal data”). These include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic and biometric information, and data concerning a person’s sex life or sexual orientation.
4. What data are we gathering?
We may hold Personal Data (including Sensitive Personal Data) about members, parents/guardians and volunteers. We believe it is important to be open and transparent about how we will use your Personal Data. Information we may hold includes the following (non-exhaustive):
- name and contact details
- age/date of birth
- details of training you receive
- details of Scouting events and activities you have taken part in
- details of next of kin
- details of any health conditions
- any complaints we have received about the member
5. Why do we collect this information?
We use this information to communicate with you and to carry out our functions operating a voluntary service. We also have a responsibility to keep information about you, both during your membership and afterwards (due to our safeguarding responsibilities and also to help us if you leave or rejoin).
In addition, we may collect data for registration to events, including nights away, in some cases this data will be Sensitive Personal Data, which we ask for to allow us to provide appropriate care for members whilst under our supervision. The list of activities we carry out as part of Scouting that may require the use of Personal Data include:
- To enable us to provide a voluntary service for the benefit of the public
- To manage our volunteers
- To manage our membership records
- To update you on events and
- To conduct surveys on our performance
- For financial accounting
- To fundraise for the County
- To process Gift Aid applications
6. How do we gather data?
We gather data through a variety of methods, these include:
- Contact form on our website or by email
- User registration form on our website
- Waiting lists
- Joiners forms
- Event registration forms
7. Where do we store personal data?
Personal data is stored and processed in a number of ways, this includes:
- Paper records, kept in secure containers
- Digitally on the Microsoft Office 365 platform
- Digitally within Suffolk Scouts IT systems
Access to the above data repositories is secured and audited to ensure protection of personal data. We take data security seriously and apply current industry best practices to protect data.
8. Who has access to data and is it shared?
Only members who require access to data in order to carry out their role have access to such information.
Contact information for all members of the organisation is published in an internal directory to facilitate communication between members. If you wish to opt out of the directory, please contact us on the email listed below.
Personal data is not shared or sold to third parties without consent. Some personal data may be shared with Scout Groups, Districts and UK Scout Headquarters to enable us to carry out our operations as a voluntary service.
Examples of where data is shared:
- New joiners’ information is shared with UK Scout HQ to enable DBS checks to be undertaken.
- Expressions of interest to join waiting lists is passed to the relevant scout group
Sensitive personal data is not routinely shared, sharing would only take place if deemed necessary and proportionate by the data controllers (e.g. medical incident or disciplinary investigation).
We do not store or process any credit card or banking information.
9. How long do we retain data?
We may keep information for different periods of time for different purposes as required by law or best practice.
As far as membership information is concerned, to make sure of continuity (for example leavers and then re-joiners) and to carry out our legal responsibilities relating to safeguarding young people, we keep membership information throughout the membership and after it ends.
10. Your rights to your personal data
As a data subject, you have the following rights that you may exercise at any time:
- To correct any data we hold, we must keep your data accurately
- To erase data, we must erase data if not needed or if requested by you (Providing that it is not excessive and is possible)
- We must provide a copy of your data to you
- We must cease a processing activity if you object to it
- We must allow you to withdraw consent at any time