TYA have taken measures to ensure we are compliant with the new GDPR legislation and this page sets out the three key elements of GDPR and how that relates to TYA
1 Data we hold:
Information we hold is as follows:
Youth Club members
Contact information, including address, e-mail address (where relevant) and telephone number
Medical conditions, allergies and other information that parents feel is relevant and useful for us to know for safeguarding
Parents and emergency contacts
Contact information as above for young people.
Staff and volunteers (including Trustees)
Contact information as above
Bank account information and National Insurance number (paid staff only)
Disclosure information through P.V.G (Protecting Vulnerable Groups Scheme)
Supervision and disciplinary records
We do not ask for, hold or share any information relating to a young person’s sexual identity, ethnicity or religious or political beliefs.
2 Why we hold this information (lawful basis for processing)
Youth Club members, parents and emergency contacts: we have a legitimate interest in safeguarding young people (medical information) and need parental contact information to inform them of any changes to provision.
Staff, Volunteers and Trustees
Legal obligation through P.V.G. act
Legal obligation through HMRC (paid employees)
Legitimate interest in being able to contact staff and volunteers to discuss youth club related activity and business.
3 How we keep this information safe
We don’t pass on or sell information we hold to third parties but it’s important to note that we do work in collaboration with organisations such as schools. GIRFEC (Getting It Right For Every Child) encourages appropriate sharing of relevant information and, while we never give out contact information, it is appropriate to acknowledge inputs we deliver to identified young people at the High School. Appropriately sharing information allows us to take a person centred approach which is fundamental to youth work.
Paper copies of contracts, bank details and PVG information are all kept in a locked filing cabinet in our Peebles Youth Club. Only the TYA Manager has the key to this.
Membership forms and permission slips are kept in locked filing cabinets in our Peebles and Innerleithen Youth Club offices.
Digital information is stored securely on our encrypted, online database. To ensure GDPR compliance we have consulted with our database creator, Chris Hurst and can confirm that the database is secure.
Further digital information is securely stored on the TYA Manager’s password protected computer in the Peebles office. Passwords are in line with our password and data protection policy.
Like many other website operators we use ‘cookies’ on our website to improve the customer experience, deliver content tailored to your interests and serve relevant online targeted advertising, as well as learn more about how you interact with the site.
Cookies are small data files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use and navigation of the website and to compile statistical reports on website activity.
Cookies used by TYA
_ga : Google Analytics cookie
_gid :Google Analytics cookie
ss_cid : Squarespace Analytics cookie
ss_cp : Squarespace Analytics cookie
ss_cvisit : Squarespace Analytics cookie
ss_cvr : Squarespace Analytics cookie
ss_cvt : Squarespace Analytics cookie
In common with many other websites when you visit www.tweeddaleyouth.co.uk we use Google Analytics to collect standard internet log information and details of visitor behaviour patterns. We do this not to identify you personally but to analyse your use of our website in order to deliver relevant website content and advertisements to you and to understand the effectiveness of our marketing and advertising activities.
By visiting our website we may have access to your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
This data may be processed for the purposes of analysing the use of our website and our services. The legal basis for this processing is Legitimate Interest, namely monitoring and improving our website and services.
TYA does not collect personal data about individuals except where there is a legitimate business interest (see below) or when such information is provided voluntarily via consent, or by entering into a contract with us or where required to do so by law.