Privacy notice

Derwentside Scout District is committed to protecting personal data and being transparent about how we collect and use information. This privacy notice explains how we handle personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This notice applies to personal data processed by Derwentside Scout District through our website, email communications, online forms, and District systems.

Derwentside Scout District processes personal data in line with The Scout Association’s national data protection framework, policies, and guidance.

1. Who we are

Derwentside Scout District is part of The Scout Association and operates within its federated charity structure.

Each Scout Group in Derwentside is a separate, independent charity.

Derwentside Scout District is a separate charity that supports, assures, and enables local Scout Groups.

For data protection purposes, Derwentside Scout District is a Data Controller for the personal data it processes at District level.

2. What personal data we collect

We may collect and process the following types of personal data:

a) Contact and identity information

• Name

• Email address

• Telephone number

• Role within Scouting (where relevant)

b) Volunteering and membership information

• Volunteer role and appointment details

• Training and qualification status

• Disclosure and safeguarding status (where required)

c) Safeguarding and welfare information

• Information relating to safeguarding concerns or incidents

• This information is processed only where necessary and handled with appropriate confidentiality.

d) Website and communications data

• Information provided through contact forms or email enquiries

• Limited technical data (such as IP address) where required for security or functionality

3. How we use personal data

We use personal data only where there is a lawful basis to do so. This includes:

• Supporting and enabling safe, high-quality Scouting across the District

• Communicating with volunteers, parents, carers, and partners

• Managing governance, assurance, and compliance responsibilities

• Supporting safeguarding, safety, and welfare

• Delivering training, support, and operational coordination

• Meeting legal and regulatory obligations

Derwentside Scout District does not use personal data for marketing or commercial purposes.

4. Lawful bases for processing

Under UK GDPR, we rely on one or more of the following lawful bases, as appropriate:

• Legal obligation – where required by law or Scout policy

• Legitimate interests – to support governance, volunteering, and Scouting activities

• Consent – where explicit consent is required (which can be withdrawn)

• Vital interests – where necessary to protect individuals

• Public task – where safeguarding or welfare duties apply

5. Safeguarding and special category data

Some information we process (such as safeguarding or health-related information) is classified as special category data.

This data is:

• handled with additional care and confidentiality,

• accessed only by authorised individuals, and

• processed strictly in line with safeguarding policy, legal requirements, and The Scout Association’s guidance.

6. Who we share data with

We may share personal data where necessary with:

• The Scout Association, including County or national teams

• Relevant Scout Groups or District teams

• Statutory bodies (such as safeguarding authorities) where required by law

• Trusted service providers acting on our instructions

• This may include use of The Scout Association’s national systems (such as My Scouting) where appropriate.

• We do not sell personal data or share it for commercial gain.

7. How long we keep data

Personal data is kept only for as long as necessary to fulfil its purpose, taking into account:

• legal and regulatory requirements,

• safeguarding obligations, and

• The Scout Association’s data retention schedules and guidance.

• Data is securely deleted or anonymised when no longer required.

8. Your rights

Under UK GDPR, individuals have the right to:

• access their personal data,

• request correction of inaccurate data,

• request deletion (where applicable),

• restrict or object to processing,

• withdraw consent (where consent is the lawful basis), and

• lodge a complaint with the Information Commissioner’s Office (ICO).

9. How we keep data secure

We take appropriate technical and organisational measures to protect personal data, including:

• controlled access to systems,

• use of secure District platforms,

• guidance and training for volunteers, and

• regular review of data-handling practices.

10. Cookies and website use

Our website uses only minimal cookies required for functionality and security.

We do not use tracking, profiling, or advertising cookies.

11. Contact us

If you have questions about this privacy notice or how your data is used, please contact:

Derwentside Scout District

Data Protection Lead (or nominated data protection contact)

Email: data@derwentsidescouts.org.uk

12. Changes to this notice

This privacy notice may be updated to reflect changes in law, policy, or practice.

The most recent version will always be published on the District website.