We provide fun, challenge and adventure to
over 400,000 girls and boys across the UK
a a a  A A
Disclosures Compass POL Print Centre

GDPR Toolkit

This step by step GDPR toolkit includes 'how to' videos and support materials prepared by Black Penny Consultancy to help local Scouting, and specifically local Executive Committees, to guide each Group, District and County/ Area/ Region to work towards alignment to the GDPR.

The GDPR toolkit is a self-service guide and leads Executive Committees through the data privacy life cycle in steps. In February 2018 we shared a document entitled 'What is GDPR?' which is the first stage of step 1.

Data privacy life cycle

Step 1 - How to assess your data

a – Read What is the GDPR (15 minutes)
b – Watch video guides (30 minutes) [You can download the video guides below]
c – Complete the GDPR framework using the how to guide for assistance (2 hours)

Step 2 - How to manage your data risks

a - Read best practice guide (30 minutes)
b - Contact third party processors (1.5 hours)
c - Agree and distribute local data breach response plan (45 minutes)

Frequently asked questions


Further reading

A data breach response plan for Executive Committees
A data breach can happen at any time and vary in severity, this guide assists local Executive Committees manage data breaches with a simple process to follow and a templated GDPR breach notification form to use.

A guide to GDPR subject access request process for Executive Committees
Data subjects are entitled to ask for the information held on them by organisations; known as Data Subject Access Request (DSAR) and this guide assists local Executive Committees manage these requests with a simple process to follow and templated forms to use.

Download the GDPR framework video guides here: Video 1 | Video 2 | Video 3 | Video 4 | Video 5 | Video 6


Data protection is a wide-ranging subject and is regulated by the Information Commissioner's Office which produces a large amount of relevant guidance. If you have any queries or if in any doubt, members should check the guidance provided by the ICO on its website as this is the best and most direct source of relevant information on data protection.

As a reminder, Scout Groups, Districts, Counties/ Areas/ Regions and Countries are separate charities and The Scout Association, as a national charity, is not accountable for the respective alignment of the GDPR of each individual charity. Responsibility to be aligned with the GDPR rests with the respective Executive Committee, and it’s our intention to sign-post appropriate resources to support local Scouting in fulfilling this important responsibility. We will update materials from time to time so please refer back to this GDPR toolkit for the latest version.

Each adult Member and Associate Member must also ensure that they comply with data protection law when handling any personal data.

 

CEOP
© Copyright The Scout Association 2018. All Rights Reserved.
Charity Numbers 306101 (England and Wales) and SC038437 (Scotland).
Registered address: The Scout Association, Gilwell Park, Chingford, London, England E4 7QW