Privacy
The 30th Craigalmond Scouts operate a strict privacy policy.
We will respect any personal details we gather during any transactions on this site and in our and keep them safe and private.
We will never pass on your details to third parties without your explicit prior consent.
Some information regarding GDPR – www.eugdpr.org/key-changes.html
The Scouts policy on GDPR – members.scouts.org.uk/supportresources/1861/data-protection-and-scouting
Some more information regarding the Scouts policy on GDPR members.scouts.org.uk/supportresources/4792 including data breach policy that our group will be following and the Data Subject Access Request (DSAR) process which our group will follow.
Data controllers – Who has access to personal data and other information
Policy will be developed to ensure only those with legitimate need have access to any personal data and that they are trained appropriately and that they will act responsibly. A leavers policy will be developed to ensure access is removed from controllers when the leave the group or no longer have a legitimate need.
The Scouting Association has introduced an eLearning module focusing on GDPR. This is mandatory learning for all adult members, including members of Executive Committees. We will ensure that all members accessing personal data has completed and validated this training.
Third party processors – Where we store personal data and other information
OSM – www.onlinescoutmanager.co.uk/security.html
This information is used in communications about our programme, the rules and guidance, the events we hold and resources we use to run Scouting. As it is communicated to parents and carers of young people, young people and the leadership team, we consider this a legitimate interest for all members of Scouting because, in some way, it supports the individual in their Scouting role.
This information will be passed from Section to Section while you or your child is active within the Scout group. It may be passed to another Scout Group should you or your child continue Scouting after leaving us.
Policy will be developed to ensure data protection and best practices regarding the use of OSM are understood by all data controllers.
GoCardless – gocardless.com/legal/privacy
This is used to provide online payment for Subscriptions and other costs associated with our programme and the events we run.
Compass – members.scouts.org.uk/supportresources/4586/data-protection-and-compass
This is used for membership information for Scouting purposes only. Others outwith our group may have access to this as it is also used by District and Regional officers to manage scouting and to look at trends, and to identify areas for development locally and nationally.
Google cloud platform – cloud.google.com/security/gdpr/
We use this for email provision (gmail) for each section and for the group. It is also used to store documents (Google drive) for the group. No personal data should be stored in the google cloud and the email will only be used to respond to emails from yourself. Any emails generated by the group will be sent out from OSM to respect your communication preferences.
Policy will be developed to ensure data protection and best practices regarding the use of the cloud are understood by all data controllers.
Facebook – en-gb.facebook.com/business/gdpr
We use this to communicate with parents on a facebook page and through a closed facebook group. Images and details of events and activities are sometimes shared on this channel.
Policy will be developed to ensure data protection and best practices regarding the use of the social media are understood by all data controllers.
What’s App – faq.whatsapp.com/en/android/23225461/?category=5245250
We use this for communication within the group. No private data should be shared on this channel.
Policy will be developed to ensure data protection and best practices regarding the use of the messenger tools are understood by all data controllers.
Other data storage methods
Policy will be developed to ensure data protection and best practices regarding the use of any other tools are understood by all data controllers. We are considering developing best practice guidelines to ensure data is migrated to a recognised platform and use of hardcopy data is limited.