Data protection aims to protect an individual’s rights to privacy by regulating how organisations obtain, store and use their personal data. So, data protection rules provide individuals with certain rights whilst also imposing certain duties and obligations on organisations. Young people and adults have the same data protection rights under the law. Data protection is governed by the Data Protection Act and the General Data Protection Regulations (GDPR) which is overseen and Regulated by the Information Commissioner’s Office (ICO).
Data protection law applies to The Scout Association as well as all Scout Groups, Districts, Counties/Areas/Regions (Scotland) and Countries which are each created and operate as independent charities and are likely to collect and store personal data about members and perhaps other individuals involved with local Scouting. Local Scouting must comply with the Data Protection Act and GDPR when using The Scout Association’s Membership System ‘Compass’. Please see Policy, Organisation & Rules (POR) Chapter 2.
The Scout Association provides guidance and best practice to assist members meet their data protection obligations.
The ICO also provides general guidance on how to comply.