Privacy policy

contact@sandsscouts.org.uk Tweet this Share this

Below we outline our privacy statement and information. You can download a full copy of our Privacy Notice (last updated 2019-01-03)

Who we are

We are Shelfords and Stapleford Scout Group, Cambridgeshire, UK – our website address is: https://shelfordsandstaplefordscoutgroup.org.uk/. We are a registered charity in the England – charity number 301093. We operate as part of The Scout Association.

What personal data we collect and why we collect it

Contact information If you make an enquiry to join via email we keep a copy of this information for the purposes of informing you of spaces becoming available for your young person to become a member of the Group;
Membership data We keep basic information about our youth members, to allow us to manage their activities, and their safety during this time, the data we collect is: details of young person, details of parents/guardians, medical information, ethnicity, attendance and attainment records. Information about disabilities and ethnicity are passed on aggregated to The Scout Association annually for statistical purposes.
Additional information is held about adults who help with the running and management of the Group.
Web analytics The only information that we store about your visit are the pages you view, IP address from which your request was made, along with any referrer and user-agent string sent by your browser.

Who we share your data with

The following information is shared with 3rd parties for the purposes of administering Scouting in the Group.

Details of young people We use Online Scout Manager to securely store details of all members of the Group for the purposes of running our sectional meetings and other youth activities. Aggregated information is passed to The Scout Association annually.
Details of adults Any adult who has completed a DBS form will be registered with The Scout Association and stored on Compass, The Scout Association’s Membership databases, and passed to the disclosures system managed by Atlantic Data. This information is available to administrative staff and volunteers at the National level, within Cambridgeshire and Cambridge District for purposes of managing Scouting at their respective level.
Details of web accesses These details are not shared with any 3rd party data processors. We use virtual server technology (not shared hosting) for the website, hosted by ByteMark in the UK.

How long we retain your data

We retain youth data for the duration of membership of the Group, and a period afterwards to allow members to rejoin Scouting (here or elsewhere) without loss of information. A reduced amount of information is additional stored for longer where it is required for legal reasons (e.g. incident/accident recording purposes) and for the purpose of maintaining the institutional memory of the Group.

What rights you have over your data

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes; you may also request a transcript of the identifiable data which we hold on you.

Where we send your data

See details of who we share data with above.

Cookies

We do not use cookies on the public facing website; if you are an editor on the site then the backend system will store cookies to identify yourselves; additionally 3rd party data processors set cookies if you log in to any of their systems.

Contact information

You may contact us via email at:

contact@sandsscouts.org.uk

Additional information

How we protect your data

The 3rd parties we share your data with are all GDPR audited and have procedures in place to protect your data; Most personal data is held on these third party systems. Where a hard copy of details are needed for the purposes of managing individual activities we keep these for the duration of the activity and destroy them securely at the end of the activity.

What data breach procedures we have in place

If we discover a breach of data which is directly in our control (or if we are informed of a breach in the systems of one of the 3rd parties) we will inform you as soon as possible (after containment) at which time we will also inform the ICO.