4.4 Data Privacy
- Global Team members will complete self-led training on Data Protection7
- Children and young people’s personal identifiable information (PII)8 will only be obtained, used, and stored with consent, in line with relevant data and privacy laws and in an ethical way that ensures their safety and privacy, and minimises risk of harm.
- Data that is collected will be restricted to only information required to carry out WAGGGS activities.
- The number of WAGGGS Global Team members who have access to sensitive data will be restricted and protocols will be in place to ensure the safe storage of physical and electronic data. When WAGGGS sends data to a third party, including Member Organisations, a data sharing agreement must be in place.
7 Data Protection: the careful handling of personal data and confidential information and ensuring that information is held securely and shared on an appropriate lawful basis. In January 2021, the UK General Data Protection Regulation (UK GDPR) came into effect, following EU GDRP law as the toughest privacy and security law in the world. It has set high standards for data protection and is based on the principles that privacy is a fundamental human right.
8 Personal Identifiable Information (PII): any information that could identify a person either directly or indirectly. For example, full names and contact details and photos and videos with identifying markers. In general, where personal data is collected, WAGGGS will need evidence of the individual’s informed consent to collect, use and share this information.