Version 1, December 2025
This is the Data Retention Policy of the 4th Stafford Scout Group – Exempt Charity in England and Wales (EW89372).
POR Chapter 2a.4 [Nov25] – “As part of the management of personal data collected and used by their charity, the Trustee Board of each charity within Scouts’ federation of charities must ensure that their Group [] publishes and maintains a data retention policy.”
The purpose of this policy is to specify Group guidelines for retaining different types of data and for how long.
The 4th Stafford Scout Group will be referred to as “Group” or “the Group” for the purposes of this document.
This policy covers all data in the possession or control of the Group, regardless of the medium in or on which those data are held. Where statute or regulation departs from the requirements of this policy, the Group will comply with the relevant statute or regulation. This policy may be updated from time to time and has been approved by the Group’s Board of Trustees.
The document should be used in conjunction with the Group’s GDPR and Privacy Statement.
Personal data retention is governed by current Data Protection legislation. This data must be kept accurate, up to date and retained for no longer than is necessary for the purpose for which they were obtained. Details of retention periods can be found in Appendix A – Retention periods.
It may be necessary to securely dispose of data before the retention period if the data is no longer required. For that reason, the retention periods act as a maximum retention period, rather than an absolute retention period.
Where personal data is processed using the lawful basis of legitimate interest or consent, the data subject has a number of rights that they can exercise over this data, such as deletion or rectification. Communications with these data subjects will need to clearly signpost them to their ability to withdraw this consent or challenge the legitimate interest that has been assessed, which is commonly known as ‘opt out’. A formal retention period for data processing based on consent has not been defined in this policy and is assumed as permanent until the data subject exercises their rights to cease the processing activity.
The Appendix is segregated into the different types of data subjects the Group is the data controller for. Each section then specifies the data processes used for each of the data sets.
The retention period is applicable at the point where the relationship has finished, for example, where a member has left the organisation, unless otherwise stated.
Personal data held by the Group will be stored in the Group’s online membership and administration system, Online Scout Manager (OSM).
Data retention periods are set within the system to automatically erase data after the retention period outlined below has elapsed.
All young people’s data collected by the Group is stored on the Group’s online membership and administration system, Online Scout Manager (OSM).
| Data Process | Data Type | Retention | Justification |
| Pre-join enquiries | Personal data | 1 Year after the enquiry or until the young person joins a Section. | Required for placing an individual on a waiting list for a place and to keep them informed of their joining status. |
| Joining | Personal and Sensitive data (including special categories) | 7 Years after the young person leaves. | Required for enquiries on membership and to respond to enquiries from HQ or statutory agencies regarding incidents. This data is associated with their OSM personal record. |
| Events | List of attendees | 15 years after the event. | Required for enquiries on the event and responding to incidents, as well as attendance trends. |
| Incident – No medical intervention | Personal and Sensitive data | 7 years after the incident, or 7 years after the individual turns 18 if later. | Legal claims raised against the incident. |
| Training records (badges) | Name of young person and badge records only. | 7 Years after the young person leaves | Required for tracking trends in badge completion, to monitor and make improvements to section programmes as required. Also required for if anyone re-joins to connect them back to their training/badge records. This data is associated with their OSM personal record. |
| Attendance register | List of names only. | 15 years | Required to complete annual registration review. Required to prove attendance for Gift Aid reclamation. |
All adult data collected by the Group is stored on the Scout Association’s online membership system at Scouts.org. Some limited data will be stored on the Group’s online membership and administration system, Online Scout Manager (OSM), such as names and contact email addresses.
Data held on Scouts.org is subject to the Scouts Association’s own Data Retention Policy.
| Data Process | Data Type | Retention | Justification |
| Pre-join enquiries | Personal data | 1 Year after the enquiry or until an adult volunteer joins. | Required for placing an individual on a waiting list for a place, and to keep them informed of their joining status |
| Joining | Personal and Sensitive data | 1 Year after the adult volunteer leaves | Required for enquiries on membership and to reconnect records if a member returns to Scouting. |
| Events | List of attendees | 15 years after the event | Required for enquiries on the event and responding to incidents, as well as attendance trends. |
| Incident – No medical intervention | Personal and Sensitive data | 7 years after the incident. | Legal claims raised against the incident |
All data collected by the Group about the parents of our young people (members) is stored on the Group’s online membership and administration system, Online Scout Manager (OSM), and is associated with the young person’s membership details and profile. That that reason, parents’ data will follow the same retention periods as young people’s (member) data, unless otherwise stated.
| Data Process | Data Type | Retention | Justification |
| Pre-join enquiries | Personal data | 1 Year after the enquiry or until the young person joins a Section. | Required for placing an individual on a waiting list for a place and to keep them informed of their joining status. |
| Joining | Personal data | 7 Years after the young person leaves. | Required for enquiries on membership and to respond to enquiries from HQ or statutory agencies regarding incidents. |
| Events | List of attendees | Up to 15 years after the event | Required for enquiries on the event and responding to incidents, as well as attendance trends. (data may be removed before this period on an event-by-event basis). |
| Incident – No medical intervention | Personal data | 7 years after the incident. | Legal claims raised against the incident |
An explorer, adventurer and TV presenter, Dwayne's been seen in BAFTA nominated Channel 5 series Race to the Pole, on BBC Springwatch, Countryfile, National Geographic and Disney+.
Find out more
