Subject Access Requests

You have the right at any time to request a copy of all data held by the Ninth Wakefield (South Ossett) Scout Group. This should be completed by submitting a Subject Access Request Form. This request can be extended to include the deletion, rectification and restriction of processing. Please note that some data cannot be deleted, and must be retained for legal, financial, or safeguarding reasons.

If you require data held by The Scout Association, a separate Subject Access Request Form should be submitted. Details on how to submit a Subject Access Request Form to The Scout Association can be found here: Data Protection Policy | Scouts, or by emailing Enquiries.dpo@scouts.org.uk

Important Definitions

‘ICO’ is the Information Commissioner’s Office, the body responsible for enforcing data protection legislation within the UK and the regulatory authority for the purposes of the GDPR.

'Personal Data' is defined as any information about an identified or identifiable person. For example, an individual’s home address, personal (home and mobile) phone numbers and email addresses, occupation, and so on can all be defined as personal data.

Some categories of personal data are recognised as being particularly sensitive (“special category data”). These include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic and biometric information, and data concerning a person’s sex life or sexual orientation.

‘Processing’ means all aspects of handling personal data, for example collecting, recording, keeping, storing, sharing, archiving, deleting and destroying it.

‘Data Controller’ means anyone (a person, people, public authority, agency or any other body) which, on its own or with others, decides the purposes and methods of processing personal data. We are a data controller insofar as we process personal data in the ways described in this policy.

‘Data processor’ means anyone who processes personal data under the data controller’s instructions, for example a service provider. We act as a data processor in certain circumstances.

‘Subject Access Request’ is a request for personal data that an organisation may hold about an individual. This request can be extended to include the deletion, rectification and restriction of processing.

‘Membership System’ This refers to the Microsoft Dynamics based system we use to store membership information. This database is used both by The Scout Association as well as Ninth Wakefield (South Ossett) Scout Group. It integrates with our Learning Management System.

‘OSM’ refers to Online Scout Manager, a subsidiary of Online Youth Manager Limited. Both this policy, and the policy of OSM, apply to data held on this platform.

‘Data Control Officer’ refers to the nominated person who manages data storage and use in accordance with GDPR, and responds to breaches and Data Subject Access Requests. More information about the role can be found in the Group Constitution.

‘Data Subject’ refers to the person whom the Subject Access Request asks for data about.

How to submit a Subject Access Request

1. The form located at the bottom of this page should be filled out and sent to the Data Control Officer. Please provide as much detail as possible as to the data you wish to access to allow us to provide everything required. Contact details for the Data Control Officer can be found within the Data Protection Policy.

2. The Data Control Officer will then request evidence to ensure that you have the legal right to see the data requested. This will be completed by the submission of ID, such a driving License, or Passport. The DCO will provide details on how to do this, and upon completion will then approve the collection and release of data.

3. The DCO will then report to the Trustee Board, who will then inform the leadership team to begin collecting copies of all data requested under the SAR. This is known as discovery. All discovery requests are to be logged and recorded by the Trustee Board. Any data that is not relevant, or does not belong to the data subject will be redacted.

4. The Trustee Board will then delegate the DCO to release electronic copies of all data requested to the requestee, usually as a PDF. In extreme circumstances, paper copies may be issued, however this should be avoided, and once the paper copies are in the possession of the requestee, they are then responsible for the safe storage of this data. The Ninth Wakefield (South Ossett) Scout Group, The Scout Association, or any members, associates, or subsidiaries of either organisation can held responsible for any breaches.

Any Subject Access Request will have data returned within 30 working days of the DCO approval of the SAR form and ID.