Camp Crusoe Data Protection Policy

1 INTRODUCTION

1.1 This policy describes how Camp Crusoe collects, processes, shares and stores personal data.

1.2 Camp Crusoe Ltd. is registered with the Information Commissioner’s Office.

2 PERSONAL DATA WE HOLD

2.1 Camp Crusoe receives and processes personal data from a number of sources. We collect the minimum amount of data that is required in order for us to provide our services and to meet our statutory obligations.

2.2 For summer camps:

  • Children’s details (name, age, etc).

  • Names and contact details of parents/guardians.

  • Home address of child.

  • Medical details of child.

  • Images to be used for marketing purposes are only taken when permission has been granted.

2.3 We maintain a database of contact information of customers who are interested in receiving marketing information from us. Individuals need to expressly ‘sign up’ to receive these communications. We will only contact individuals with information relevant to them. Individuals are able to remove themselves from this marketing list at any time by contacting our office by email or phone, or through ‘Unsubscribe’ links included within all email marketing.

2.4 Personal data of current staff and volunteers, including names, date of birth, home addresses, phone numbers, next of kin contact details, pre-employment checks, pay details and qualifications and records from their employment/volunteering (appraisals and disciplinary actions, etc) will be stored under lock and key.

2.5 The minimum amount of personal data of staff and volunteers no longer with Camp Crusoe will be retained as required by law. Names and end of term reviews will be kept for three years for reference applications unless the member of staff/volunteer requests for the information to be deleted before that.

2.6 We do not retain any banking information belonging to our customers.

2.7 Reports of Accidents involving children and staff are retained for a minimum of 3 years and up to 40 years in order for us to meet our legal obligations. Accident records are kept under lock and key.

2.8 A medical log including first aid events involving children and staff is kept and retained for a minimum of 3 years and up to 40 years in order for us to meet our legal obligations and is kept under lock and key.

3. SHARING OF INFORMATION WITH THIRD PARTIES

3.1 Camp Crusoe will not disclose personal data of any customer or staff member to a third party unless legally required to do so.

3.2 Our own employees are given details of personal information on a ‘need to know’ basis.

4. STORAGE OF PERSONAL DATA

4.1 Camp Crusoe has put in place appropriate technical and organisational measures to protect all data we hold against unauthorised or unlawful processing or against accidental loss or destruction or damage.

5. DATA BREACHES

5.1 In the event of a data breach, Camp Crusoe will adopt current guidance and best practice as advised by the Information Commissioner’s Office.

6. ACCESSING THE DATA WE HOLD

6.1 In accordance with our legal obligations, we will make available the data we hold on an individual. Requests to view this data should be made in writing and addressed to the Camp Director. We will respond to requests within 21 days.

6.2 Camp Crusoe reserves the right to require proof of identification before providing an individual access to their personal data.

7. COMPLIANCE WITH THE REGULATIONS

7.1 The Camp Director at Camp Crusoe is responsible for implementing this policy, including the training of staff, and compliance with all relevant current regulations.