Skip to content. Skip to main navigation.
Boy Scouts of America
Effective: February 18, 2020
Who We Are
Note regarding the General Data Protection Regulation (GDPR): We do not contemplate offering goods or services to individuals in the European Union except to U.S. service members and Department of Defense personnel and their families who are stationed in Europe and choose to participate in our programs through the BSA Transatlantic Council based at U.S. Army Garrison Benelux in Brussels, Belgium.
To the extent we collect or process personal information of individuals in the European Union, we will do so in accordance with this policy. Should you have questions or concerns regarding your personal information, or to submit a data subject request regarding your personal information please send an email to email@example.com. For further information consistent with the requirements of GDPR, please see the Region-Specific Disclosures section below.
Note regarding definitions: The following terms, as used in this policy, have the following meanings:
What We Collect
We collect two basic types of information – personal information and anonymous data – and we may use personal information and anonymous data to create a third type of information, aggregate data. For example, we collect:
How We Collect Information
We collect your personal information when you provide it to us in the course of requesting or ordering products, services or information from us, registering with us (e.g., for a program, an event, or an activity), entering a contest or promotion, subscribing to our services, participating in public forums on our sites and applications, responding to surveys, or otherwise interacting with us through our websites and applications. We collect anonymous data through technology, such as cookies, and Web beacons, that we use to operate our websites and applications. For further information about those technologies, please see the Your Controls and Choices section of this policy.
Note: The information you provide to BSA local councils through their websites and applications is collected separately by them and is subject to their privacy practices and those of their service providers. Privacy choices you have made on a local council’s website or application will not apply to our use of information we have collected directly through our websites and applications.
How We Use Information
Consistent with applicable law and choices and controls that may be available to you, we may use information collected from you, or from devices associated with you, to:
Sharing Your Information with Others
We may share your personal information with our chartered local councils for their administrative purposes, including the proper and efficient administration of our programs and replying to members’ and volunteers’ requests for information.
We may share personal information you provided when joining one of our affinity groups (e.g., the National Eagle Scout Association, Scouting Alumni & Friends) with carefully selected providers of membership benefits, for the sole purpose of such providers communicating with you about such benefits to you. However, we do not share any lists of current or former registered members or leaders of the BSA or lists of BSA donors with any third party for its direct marketing purposes.
In addition, we may share your personal information:
Your Controls and Choices
You always have the choice to not provide your personal information to us or change your communication choices, but consequently you may not be able to receive certain goods or services or participate in certain programs or activities. Certain communications are mandatory for all registered adult volunteers and others attending or participating in certain Scouting events, as explained below. Depending on the Internet browser and device you use to interact with us, you may have the ability to control the use of certain tracking technologies through which we gather anonymous data. For further information about exercising these choices and controls, please see below.
The list above is not an exhaustive list of all BSA websites. You may have created an account through a BSA website not listed here. If you need assistance accessing a BSA website not listed here, please contact BSA Member Care by calling 972-580-2000 or submitting a request at membercare.scouting.org.
NOTE: If you have separately joined one of our affinity groups, such as Scouting Alumni & Friends, you may receive as a benefit of membership targeted offers and promotions for products and services from carefully selected third parties. You may exercise your choice to not receive such offers or promotions at any time by following the third party’s opt-out procedures or contacting us at the address listed below.
Digital privacy is a component of BSA’s commitment to youth protection and safety. As such, we do not collect the personal information of children under the age of 13 unless a child’s parent or legal guardian provides it to us through the online membership registration process or a child provides it to us to enter a contest or promotion. In any event, consistent with the U.S. Children’s Online Privacy Protection Act (COPPA), a parent may review or have deleted their child’s personal information, and prohibit its further collection or use. If you have a request in relation to the personal information of your child below the age of 13, please send an email to firstname.lastname@example.org.
For contests and promotions, we typically require only the information necessary for a child to enter, such as first name (to distinguish among family members) and his or her online contact information. We will only use the child’s online contact information to enter him or her into the contest or promotion and contact him or her once when the contest ends. If a contest or sweepstakes asks the child to submit his or her own created content with the entry and that content contains the child’s personal information, then we will either pre-screen the submission to remove any personal information or seek parental consent by email for the collection. To facilitate delivery of the contest’s prize, we may ask a child at the time of entry to also provide her or her parent or legal guardian’s online contact information, which we will only use to notify the parent or legal guardian if the child wins the contest or promotion.
Our sites and applications that are age-gated are not intended for use by children, and we do not knowingly collect personal information from children under 13 through those sites and applications. In the unlikely event we discover that we have collected personal information from a child other than as described in this section, we will either delete the information immediately or promptly seek the parent or legal guardian’s consent to use the information.
Data Security, Integrity and Retention
Comments and Questions
If you have a comment or question about this policy or our treatment of your information, you may email us at email@example.com, write to us at Boy Scouts of America, Attn: Privacy Compliance-Legal Department, 1325 West Walnut Hill Lane, Irving, Texas 75038, or contact our Member Care Center at (972) 580-2000. Our sites and applications may contain links to other sites not owned or controlled by us and we are not responsible for the privacy practices of those sites. We encourage you to be aware when you leave our sites or applications and to read the privacy policies of other sites that may collect your personal information.
Notice to California Residents: If you are a California resident, you may have certain additional rights.
California Civil Code § 1798.120 may permit you to “opt out” of the “sale” of your “personal information” to “third parties” (as those terms are defined in the California Consumer Privacy Act). As described above in this policy, we do not sell or lease our lists of BSA members or leaders, or of BSA donors, though we may share lists of those who have separately joined one of our affinity groups with carefully selected third parties for their direct marketing purposes.
If you are a member of an affinity group, you may exercise your choice to opt-out using the methods described in the Controls and Choices section of this policy or by sending us an email at firstname.lastname@example.org. In addition, pursuant to California Civil Code § 1798.83, you may request information regarding the disclosure of your personal information to third parties for the third parties’ direct marketing purposes. To submit such a request, please send an email to email@example.com.
Furthermore, California Civil Code §§ 1798.100 and 1798.105 may permit you to make requests to access categories and specific pieces of personal information about you, as well as to request to delete personal information about you. California Business and Professions Code § 22581 permits registered users who are minors to request and obtain removal of content they have publicly posted. To submit such requests, please send an email to firstname.lastname@example.org with a detailed description of the specific content or information at issue. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
General Data Protection Regulation:
Article 13 of the General Data Protection Regulation (GDPR) requires those who collect personal information from individuals in the European Union to provide certain information to such individuals at the time their personal information is collected. In GDPR parlance, those who collect and direct the use of such personal information are referred to as “data controllers” or simply “controllers”, and such individuals are referred to as “data subjects”. The terms “processing”, “profiling”, and “recipient” are defined in Article 4 of the GDPR, as is the term “personal data”, which is analogous to the term “personal information” used in this policy. Much of the information required by Article 13 is set forth elsewhere in this policy. For ease of reference, below we have indexed the contents of this policy to the specific requirements of Article 13 and included additional commentary as appropriate:
|GDPR Article 13 requirement||Relevant section of this policy and additional commentary|
|The identity and the contact details of the controller and, where applicable, of the controller’s representative||“Who We Are” identifies the controller and “Comments and Questions” provides the contact details of the controller’s representative|
|The contact details of the data protection officer, where applicable||Not applicable|
|The purposes of the processing for which the personal data are intended as well as the legal basis for the processing||“How We Use Information” describes why we collect, store and use personal information, and “Sharing Your Information with Others” describes why we disclose personal information to third parties. We process personal information because it is necessary to either (a) perform a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, (b) protect against threats to health and provide medical treatment, (c) serve our legitimate interests in the safe and proper administration of our programs, activities, events, and advancements, or (d) comply with legal requirements. With respect to the personal data of employees of the BSA Transatlantic Council based in Brussels, Belgium, at U.S. Army Garrison Benelux, we process such personal information for internal administrative purposes.|
|The recipients or categories of recipients of the personal data, if any||“Who We Are” and “Sharing Your Information with Others” identifies the recipients of personal information|
|Where applicable, the fact that the controller intends to transfer personal data to a third country or international organization||Not applicable|
|The period for which the personal data will be stored||“Data Security, Integrity and Retention” describes how long we store personal information|
|The existence of certain rights of the data subject||Pursuant to GDPR, data subjects (i.e., individuals in the European Union) have the right to (a) request access to their personal information; (b) rectify or correct inaccurate personal information; (c) have their personal information erased in certain circumstances; (d) restrict the processing of their personal information in certain circumstances; (e) object to the processing of their personal information in certain circumstances, such as processing for direct marketing purposes; and (f) the right to receive, in a structured, commonly used and machine-readable format, the personal information he or she has provided to us under certain circumstances and the right to transmit such data to another controller.|
|The right to complain to a supervisory authority||Pursuant to GDPR, data subjects (i.e., individuals in the European Union) have the right to lodge a complaint with one of the independent public authorities established by the countries in the European Union (each such public authority is referred to as a “supervisory authority” in GDPR parlance).|
|Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data;||“Your Controls and Choices” describes your options for providing personal information to us and the potential consequences of your choices. The provision of personal data by you, the data subject, is your choice and not a statutory requirement, unless indicated otherwise at the point of collection.|
|The existence of automated decision-making, including profiling||We use automated processes, such as data analytics, to analyze your personal preferences, interests, and location with respect to our programs, products and services, and we use such analyses to deliver to you offers, promotions and other information we believe you would find interesting or useful.|