We provide fun, challenge and adventure to over 1400 young people in North Lancashire – #SkillsForLife
We provide fun, challenge and adventure to over 1400 young people in North Lancashire – #SkillsForLife

GDPR toolkit

Data protection is a key responsibility for anybody that has access to the personal data of individuals.

This guidance material has been designed to help you understand the legislation applicable for data protection and provide tooling for alignment to the legislation.
Following feedback on the GDPR Toolkit, the Scouts have redesigned this guidance to be more step based with bite size materials that can be used in isolation. This includes the simplification of the previous GDPR Framework to line up with the new steps-based guidance.

There are 12 steps as part of this guidance. To keep track of your progress through the material you can use the GDPR Alignment Checklist. As you are working through these 12 steps you may identify risks in the way you are operating. The GDPR Risk Register can be used to assist in tracking these risks.

Answers to frequent questions that have been received at the Scouts UK headquarters have been collated and can be found here.

Understanding GDPR training video

Extract from West Lancashire Scouts website:

So, GDPR, we’re all getting e-mails to give consent to many different companies who want to “keep in touch” and we’re a bit worried that as Scouters, we may be a bit behind with all of this….or are we?

One thing is certain, for years, most people have been taking care of the data we use for Scouting and doing our best to “do the right thing”.
In that respect, we are well prepared for GDPR.

There also doesn’t appear to be a central plan or support for getting us into a place where we are 100% compliant. Indeed a lot of the words and explanations are a bit too techie and we are frightened of doing something wrong.

West Lancashire Scouts have pulled together a team of local Scouters with varying experiences and skills relating to GDPR and are now planning a programme of support to hold your hand and over the next few weeks, assist you in ensuring that you have no more fears about GDPR and that we are all in a good place as to what data we ask for and hold, how we store and use it and how we get rid of it when it is no longer required.

Before you rush off to shred everything “just in case”, STOP!

Keep calm and subscribe to our GDPR Support Group where, over the coming weeks we will help you follow a programme of bite-sized pieces of work to ensure that you, your Group and/or District comply with all aspects of GDPR.

To Subscribe, either update the details sent to you in an e-mail offering you the opportunity to update your settings or visit this link and tick the box about GDPR.

Please also join our Facebook Support Group:


Step 1

What do I need to know about GDPR – Introduction to the GDPR and key terms to be aware of

Step 2

Who is responsible for what – Exploration of the roles within the GDPR and what they mean

Step 3

Appointing a data protection lead – The benefits of a data protection lead and what services are available.

Step 4

Understanding data subjects’ rights – Exploring the rights of data subjects and how to respond to these rights

Step 5

Gathering data – Examples and tooling for the creation of best practice surveys and forms

Step 6

Data discovery – Exploring the data you have and how to look for it

Step 7

Keep a record – Recording the data you have and the processes you use to gather it

Step 8

Check your security – Looking at the ways you can secure data and keeping a record of the security in place

Step 9

Third parties – Discovering and recording the third parties you use

Step 10

Publish your privacy stance – Examples and tooling to help create privacy notices and statements

Step 11

Delete and destroy – Making sure you only keep data as long as you need it and how you should get rid of it

Step 12

Responding to a breach – Understanding what a breach is and how to deal with it