New logo consultation

New logo consultation

New logo for SES Scouts

Message from Martin Elliot, Deputy Regional Commissioner

Thank you to all who took part in our consultation on a new Regional logo. We have now received clarification that local variations to the logo are not permitted, which means that Logo 1 will become the new Regional logo. From the responses received to the consultation so far, Logo 1 was the most popular.

As your Regional team we are keen to engage with the Regional membership as much as possible so we encourage you to let us know your ideas and opinions on how to take South East Scotland Scouts forward and to look out for other opportunities like this in the future.

Original article below

As you will have hopefully seen, the Scouts last month released its new strategy, Skills for Life, and to support the strategy they have released updated branding, including a new logo.

The Regional Commissioner and Regional Chair along with their teams are currently working on how we implement the new Strategy locally and will be looking to engage with members across the Region to make sure that our Regional Strategy supports the Groups and Districts who provide Scouting for young people across South East Scotland.

However, one change that we are looking to make is to update the Region’s logo to reflect the updated brand. Thanks to the work of Adam Bennett, Assistant Regional Commissioner (Youth Involvement), we have created 3 possible logos for the Region and would like your views on which we should use going forward.

 

SES Scouts Logo 1

Logo 1



 

SES Scouts Logo 2

Logo 2


SES Scouts Logo 3

Logo 3


To participate, you have 3 possible options:

  1. E-mail communications@sesscouts.org.uk with your feedback on the logos.
  2. Feedback on Facebook by adding to the Thread on the Region’s Facebook Page.
  3. Feedback on Twitter by replying to the Logo tweet.

The consultation will remain open until the end of June with the new Regional branding being rolled out in the new term.

What happens now with GDPR

What happens now with GDPR

GDPR is live – What now?

By the time that you read this, the new General Data Protection Regulation (GDPR) will have come into effect and now governs how all Scout Groups, Districts and Regions process personal data.

Hopefully this will not come as a surprise to you and you will have read the GDPR Advice we previously produced in preparation for the new regulation as well as made use of the GDPR Toolkit and your Group and/or District is ready or at least taking steps to ensure readiness for the new rules. If not, then now is a great time to review these resources to identify what steps, if any, your Group/District need to take to adhere to the regulations.

In this article, we cover a few GDPR topics which have arisen since we published our previous articles.

GDPR Training Module

You may have noticed from other communications that a new eLearning module has been released focusing on GDPR. This is mandatory learning for all adult members, including members of Executive Committees. The eLearning takes about 25 minutes to complete and can be found on the Scouts UK website.

Being able to demonstrate that adult volunteers within Scout Groups, Districts or Regions have been made aware of their responsibilities through this training is an important part of being able to demonstrate GDPR alignment. A record that this training has been completed should be kept and it can now be added as a module on Compass.

Like other modules, the LOVE (Learning Optional, Validation Essential) principle applies so as well as completing the eLearning, you should meet with your Training Advisor (TA) to review the validation criteria to ensure that you meet them. If you do not have a Training Advisor, then any current TA can validate it so please check with your line manager who in your group or district may be able to validate the module. If appropriate, the module can be validated for small groups of adults together, providing the TA is satisfied that they all meet the validation criteria.

Do I need to ask for Consent?

There is a common misperception amongst some leaders that under GDPR we now have to ask for member’s consent every time that we store or use their personal data and as a result I have seen personal details forms which state that we require the member’s consent to retain the data.

Under GDPR there are a number of justifications that can be used for holding someone’s data – consent is one of them but if you are using consent as the justification then it means that if the data subject (in this case the member) chooses not to give their consent or later withdraws it then we are no longer able to hold their data. To avoid this issue, in most cases Legitimate Interest can be used as the justification for storing the data and remove these requests for consent.

Communications about the member’s involvement in Scouting are a legitimate interest for all members of Scouting. They count as legitimate interest because, in some way, they support the individual in their Scouting role.

However, for marketing communications e.g. providing offers, discounts, partnerships or promoted competitions we do require the member’s consent.

Data Processors

One of the common questions being asked about GDPR is whether different Data Processors meet the GDPR requirements. Particular Data Processors which Leaders have asked about include:

  • Compass
  • Online Scout Manager
  • Google Forms/Cloud
  • Dropbox

At present, it appears that all of the above meet the GDPR requirements. Further information on each of them can be found at the relevant links below:

Compass: https://compasssupport.scouts.org.uk/?faq=is-data-on-compass-secure

Online Scout Manager: https://www.onlinescoutmanager.co.uk/security.html

Google: https://services.google.com/fh/files/misc/gdprwhitepaperenglish.pdf

Dropbox: https://www.dropbox.com/security/GDPR

Where Data is stored

Another common misperception is that under GDPR all data must be stored within the EU, which would cause a problem for the latter two Data Processors referred to above as they can store the data in the United States. However the GDPR permits the transfer of personal data to non-EU countries in line with a number of recognised methods. Under GDPR data can be hosted and processed in non-EU countries as long as the data processor can demonstrate that they have one of the necessary transfer mechanisms in place, which both Google and Dropbox do.

If you have any questions about GDPR you can speak to Brian Muir, Chair of the Risk and Audit Committee, or Martin Elliot, Deputy Regional Commissioner, or e-mail communications@sesscouts.org.uk.

Martin Elliot, Deputy Regional Commissioner

 

Managing your section – OSM survey

Managing your section – OSM survey

Help to manage your section effectively

The Regional Leadership Team wants to assist section leaders to use a good way of managing the complex details about the young people in their section. We know that an electronic tool called Online Scout Manager is widely used in the Region and is very helpful, so we want to find out whether we can work with section leaders who don’t already use it to help them to adopt it. We would be very grateful if all section leaders, GSLs, ADCs and DESCs could complete this simple survey and let us know if they are already using OSM or would wish to have some financial help and personalised support to adopt it.

Please complete this survey by the end of June.

Margery Naylor, Regional Commissioner

GDPR advice

GDPR advice

GDPR – What should I be doing?

Advice from Martin Elliot, Deputy Regional Commissioner

In last month’s newsletter, I introduced the new General Data Protection Regulation (GDPR), a new EU law that will come into effect on 25 May 2018, and will govern how organisations, including Scout Groups, Districts and Regions, process personal data.

Since then the Scout Association has released its GDPR Toolkit, a step-by-step collection of tools that includes ‘how to’ videos and support materials prepared by Black Penny Consultancy to help local Scouting, and specifically local Executive Committees, to work towards alignment to the GDPR.

This article provides some initial guidance on how groups and districts within the Region can start working towards compliance with the GDPR requirements but for a fuller guide I would encourage all groups to make use of the Toolkit as it prepares for this new legislation.

Does GDPR apply to us?

GDPR will apply to all groups and districts within the Region, regardless of size and charitable status. This is because each group and district is a “Data Controller” and as such processes sensitive personal data.
It is important to note that groups and districts already have this Data Controller responsibility under the existing Data Protection Act, so any processes that you already have in place to meet this responsibility will provide a strong basis for your requirements under GDPR.

The owner and user of the gathered personal data. This is anybody gathering and retaining personal data.

Any information that can be used to identify an individual. This information could be names, addresses, telephone numbers or more sensitive information such as religion, ethnicity and disabilities. May also be referred to as Personally Identifiable Information (PII).

Personal data revealing religion, ethnicity, political opinions, sexual orientation or data concerning health.

The Information Commissioner’s Office

The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

What data do we process?

Groups and Districts store a large amount of information:

  • Personal Details such as names, addresses, email addresses, phone numbers, membership numbers
  • Sensitive personal details such as religion, ethnicity, sexuality and medical/health information
  • Participation, event, activity, badge and training records
  • Complaints, disputes, suspensions
  • Safeguarding information

Thus, they have to be aware of their responsibilities under GDPR.

What should we do?

It is important that trustees of groups and districts recognise that they are collectively responsible for compliance with the GDPR regulation and take time to invest time understanding the responsibilities that it places upon them.

The Information Commissioner’s Office, which regulates Data Protection in the UK, has produced a 12-step checklist for preparing for GDPR which provides a useful guide for Executive committees looking to identify what actions they need to take.

The rest of this article is based on a subset of these 12 steps and provides some more information about what each mean for your group or district.

1 Awareness

Make sure that trustees in your group and district are aware that the law is changing to the GDPR and that they need to appreciate the impact this is likely to have. This article is designed to help increase awareness among groups and district and The Scout Association has produced a What is the GDPR document as an introduction for members.

2 Identify information you hold

As highlighted above, each group and district holds an large amount of data so it is important that all personal data and sensitive personal data held relating to individuals (youth members and adults) is identified. For all data held you should also identify:

  1. How and where the data is processed. If this is delegated to a Data Processor such as Online Scout Manager, their data protection policies should be checked.

    Data Processor

    This is a company or individual who processes the information on behalf of the data controller.
  2. Why is the data processed? If you cannot answer this question then it probably means you shouldn’t be holding the data!
  3. How long the data should be held for. Data on young people or adults should not be held for longer than is required i.e. any data relating to a young person should be removed when they leave the group.

The GDPR Toolkit released by the Scout Association includes a Data Inventory which will serve as a useful starting point for any executive committees looking to carry out a Data Identification exercise.

3 Communication Privacy Information

When collecting information, we need to ensure that we are transparent about why we are collecting the data and what we are going to do with it. Any information forms that you use for collecting personal data – e.g. joining forms, event forms – should include information on the following:
a. your identity and how you intend to use their information.
b. your lawful basis for processing the data (see step 6 below)
c. your data retention periods
d. individuals right to complain to the ICO if they think there is a problem with the way you are handling their data.
GDPR requires the information to be provided in concise, easy to understand and clear language. This can be provided on the form or by referring to a published Privacy Notice.

4 Individual's Rights

GDPR provides individuals with greater rights. It recognises that using data for communication to young people, parents/guardians or adult volunteers is essential for the effective operation of groups and Districts and categorises them as necessary to fulfil your role. However, this communication should only be for the purposes of the group and district and not for further advertising e.g. fundraising events unless the person receiving the communication has specifically opted-in.

5 Subject Access Requests

These are not new as individuals have always had the right to make a Subject Access Request but GDPR reduces the time data controllers have to comply to one month and removes the £10 charge data controllers could previously levy to those making a request.

Subject Access Request

A request from an individual to the group or district to find out what information you hold on them

A process for executive committees to use when responding to Subject Access Requests can be found in The Scout Association’s  Guide to GDPR Subject Access Request process .

6 Lawful Basis

Many executive committees will have never thought about their lawful basis for processing personal data but under GDPR individuals’ rights depend on the lawful basis for processing their personal data so it is important that the lawful basis for processing data is identified. There are a number of lawful bases under which data can be used but the most relevant for Scouting are:

  1. Consent – The individual has given consent for their data to be used.
  2. Compliance with Legal Obligations – Legal obligations e.g. Disclosure Checks supersede GDPR
  3. Legitimate Interest – the use of personal data by a data controller is deemed necessary (e.g. to provide the product or service) or would reasonably be expected by a data subject

A Lawful Processing Records tool is included in The Scout Association’s GDPR Toolkit and provides a starting point for Executive Committee’s looking to establish the lawful basis for processing personal data.

7 Consent

For any data for which the Consent legal basis is used, a positive opt-in is required i.e. pre-ticked boxes, presumed consent by silence, opt-outs or any other method of default consent cannot be used.

8 Children

For the first time, the GDPR will bring in special protection for children’s personal data. GDPR sets the age when a child can give their own consent to this processing at 16 (although this may be lowered to a minimum of 13 in the UK). If a child is younger then you will need to get consent from a person holding ‘parental responsibility’.

9 Data Breaches

Executive committees need to put procedures in place to effectively detect, report and investigate a Personal Data Breach. GDPR brings a duty to notify the ICO when they suffer a personal data breach within 72 hours or risk a significant fine.

Personal Data Breach

A breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data

Where a breach is likely to result in a high risk to the rights and freedoms of individuals – e.g. leaves them open to identity theft – groups and districts are required to notify those concerned directly.

10 Data Protection Officers

Under GDPR, it will be mandatory for organisations processing personal data on a large scale as a ‘core’ activity for systematic monitoring purpose or involving sensitive personal data to appoint a Data Protection Officer (DPO). Scout Units as smaller organisations operating locally will not be required to appoint a DPO. However, Executive Committees must ensure that they can fulfil their obligations under the GDPR and therefore it is advisable to allocate an executive member to oversee GDPR compliance wherever possible.

Working through these steps will provide Executive Committees with a clearer idea of what is required to ensure that they are compliant with GDPR.
The Risk and Audit Committee of the Regional Executive will continue to review the implementation of GDPR and provide updates where necessary. If you have any questions about GDPR you can speak to Brian Muir, Chair of the Risk and Audit Committee, or Martin Elliot, Deputy Regional Commissioner, or e-mail communication@sesscouts.org.uk .

Useful links

Finding new leaders

Finding new leaders

Takeaway

1st North Berwick Recruitment Event

To find new leaders we arranged a Scout Information evening; advertised it widely; showcased our Group and emphasised the need for more help; explained waiting lists; took details from those attending; followed up with information and offers of support.  We now have six new leaders, whose enthusiasm has invigorated our existing team and greatly strengthened our Group.

Background

Like many Groups across the Region, we are always in need of new leaders, with increasing waiting lists and changes in circumstances of existing leaders, so we decided to launch a recruitment event in June 2017. We did this to help us continue to provide the exciting, adventurous Scouting that we already do deliver with our young people on a weekly basis, and also to support our leaders in their roles and help them sustain their commitment by sharing with others the load and privilege of being a leader.
So what did we do?

Advertising
  • First, we called our event a Scout Information Evening, instead of a recruitment event, to encourage people to attend.
  • We contacted all our existing membership and waiting-list parents.
  • We used every social media outlet locally e.g. Facebook groups for primary and secondary schools, residential community groups, newsletters, church announcements, personal contacts.
  • We placed posters advertising the Information Event throughout the High Street and all high-traffic areas in our town.
The evening

We arranged the meeting in our Scout hall where we had fantastic displays from every section with amazing pictures of varied activities and experiences.  These were hugely appreciated and a great source of discussion to help illustrate what it is we do in Scouting and how we deliver it in our Group.

Many of our Group Executive  and leaders from every section attended in uniform and hosted tea and coffee on arrival so people could chat with leaders and Exec members in an informal way.

We had a slideshow ongoing through the start of the evening to demonstrate the huge range of experiences on offer.

Nearly 40 people attended, which surprised me, but equally I was thrilled, as we had no idea if anyone might turn up.

I did a short presentation about 1st North Berwick Group, what our young people thought about our Scouting, what we needed, what was the reality of a child on our waiting list ever getting into their section due to huge demand and the capacity of leaders to meet that demand. I was very open and honest about the reality and the needs we had, and stated that by becoming a leader or an exec member their child would be offered a place in recognition of the time and commitment they were willing to offer by agreeing to an appointment for a minimum of two years.

I was clear about how many leaders we hoped for and about our desire to open a new Beaver colony as that was where we had the largest waiting list and said that we wanted to increase our Scouting provision locally with parental or other adult support, by recruiting new leaders to support existing section leaders.  Some of our leaders and Exec members spoke about their role and why they got involved, and gave an honest insight into what being this meant to them.

I reassured everyone that they didn’t need a Scouting background or to be Bear Grylls but stated that they did need to have a willingness to work in partnership with young people in our community and to learn and try new things.

All who attended completed an information form with details about their child/children, and what they as adults could offer to help our group, with options of weekly to termly commitments, by running activities, helping with trips, admin support for sections, getting involved in our Exec.  This meant that afterwards we had a register of who was there and it also gave people a chance to consider what they could offer after the Information Evening.

The evening closed with a question-and-answer session.

Follow-up

Then the hard work began as everyone who attended was e-mailed and thanked for their interest. Those who couldn’t attend but had been in touch by phone or e-mail were also sent an information sheet to complete. The offers of help were varied and it took some time to analyse who could do what and when, and match what they could offer with what we needed as a Group.

Then those who specifically offered some assistance were invited to meet up again for a short meeting to explore their offers to see if we could turn them into a reality. A more detailed explanation was given about the Appointment process along with reassurance that training and support would be available regardless of the role undertaken.

Bottom line

The event with subsequent follow-up resulted in 8 new potential leaders being identified but two subsequently withdrew as their circumstances had changed, so we successfully recruited 6 new leaders who now help deliver our Scouting on a weekly basis plus one person on a fortnightly basis. Their enthusiasm and fresh perspectives have invigorated and supported the existing teams and 1st North Berwick Group has grown in strength, size and profile within our town. 

Hilary Cartwright GSL 1st North Berwick

New website for ENE

New website for ENE

Scott Richards explains how Edinburgh North East District went about setting up their new website.

We’d been without a working District website for some time and were conscious that when parents in Trinity, Leith and Portobello were ‘googling’ local Scouting provision, the results were not particularly helpful, often pointing to one popular Scout Group website which is actually outside of the District.

So, we initially consulted with the District Executive on what they wanted from a website – distinct from the Region and individual Group sites, and produced a working prototype to show them/gain feedback. Then we invited a wider BETA group of District users to try out the site and make suggestions for features. We logged the suggestions and have been working through the list with regular improvement releases.  This ‘user-led’ development process helps ensure that we provide a website relevant to the needs of the parents and the Groups/Units. Paul Finch at the 64th ENE (Stockbridge) Group has been central to the website design and build.

Separately, we’ve been experimenting with a private Facebook page for leaders only. The purpose of this page is to help leaders share district events and programme ideas quickly and allow online conversations about topics of common interest, away from public gaze. Again, we experimented with a small group of Scout leader users, which was successful, and we are now rolling this out to all leaders (on Facebook) in the district.

Why not visit the site to see what has been achieved?