Keeping your data safe
For the purposes and lifetime of membership of the Student Scout and Guide Organisation, a limited number of items of personal information is collected for the duration of a SSAGO member's membership. This information is provided by the member themselves in order to enable them to participate as a full SSAGO member.
Other non-personally identifable information, such as the year in which a member joins SSAGO, may also be kept alongside your membership record, in order to enable SSAGO to function effectively and in compliance with Non-Personal Data Regulations.
A SSAGO member has access to their personal details and information and is able to update and modify them themselves to ensure the information is correct and up to date. A yearly process ensures that this information is reviewed and corrected.
The club that a SSAGO member belongs to is able to view the membership information of their members, with the exception of In-Touch information for which a member may choose not to share with their club.
The National SSAGO team have the ability to view membership information of all National SSAGO members, with the exception of In-Touch information for which a member may choose not to share with the Exec.
Event organisers have the ability to view membership information of all attendees, including all In-Touch information unless otherwise arranged.
SSAGO only supports the sharing of information with the following third parties:
With consent from the SSAGO member, SSAGO information may be shared with other events which link with the SSAGO Events System and other associated organisations, such as the Scout and Guide Graduate Association (SAGGA).
Information will not be shared with any other third party without the prior consent of the individuals involved.
Select non-sensitive personal information, such as name and club, may be shared publicly on events pages, news articles, club pages and similar resources and used for archival purposes.
SSAGO processes membership data under clause the legitimate interests clause of the GDPR and within the reasonable expectations of the use of the data by the data subject. This caluse states that the processing is "necessary for the purposes of the legitimate interests pursued by a controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child".
All communication that you receive as a member of SSAGO is as of a legitimate interest on the basis of an existing relationship with the member and for the purposes of SSAGO activities, clubs and events.
All information about SSAGO members is stored as part of the SSAGO Website and Database in a secure, central location on a UK-based server hosted in London, compliant with GDPR data storage and security requirements.
For the purpose of events and their associated committees and the running of National SSAGO by the SSAGO Exec, copies of this information may be created and stored only on the SSAGO Google GSuite service, which is fully compliant with GDPR and held within the EU and also centrally controlled and managed by National SSAGO to ensure compliance.
If your account expires due to no longer being an active SSAGO member, your full SSAGO data is maintained for a period of a year in case of accidental removal or a return to SSAGO at a later point. After a year, all special category data is removed, but the basic personal information is retained for archival purposes and also to allow a future reactivation of your SSAGO account. SSAGO members also have the choice to completely close and remove their account and all associated information should they wish, although if enacted by a current SSAGO member this will terminate your membership status with SSAGO.
If you have any further queries, please contact the SSAGO exec at firstname.lastname@example.org