A short, plain-language page for committee chairs and parents. What we collect, who sees it, and how we keep it safe.
Every piece of information in Compass is tagged for an audience. The same scout's record looks completely different depending on who is signed in — or whether anyone is signed in at all.
| Information | A stranger on the public page | A parent in the troop | A registered leader | A committee chair |
|---|---|---|---|---|
| Scout's first name | First + initial | Yes | Yes | Yes |
| Scout's last name | No | Opt-in | Yes | Yes |
| Phone & address | No | Opt-in | Yes | Yes |
| Photo (with parent consent) | Opt-in | Yes | Yes | Yes |
| Allergies & dietary flags | No | Opt-in | Yes | Yes |
| YPT training status | No | Yes | Yes | Yes |
Most parents and leaders sign in with Google or Apple — the accounts they already use. Anyone with admin permissions (committee chair, scoutmaster, treasurer, webmaster) is required to sign in this way; passwords aren't an option for admin accounts.
For parents who'd rather use a password, it has to be at least 12 characters. Every failed sign-in attempt is logged, so an unusual pattern of guesses against a family is something a committee chair can review.
Everything is encrypted on its way to us (TLS 1.2+) and while it sits on our servers (AES-256 at rest). Database backups are encrypted with a key that is unique to your troop, so a stolen backup tape isn't a stolen roster.
Every time a leader exports a roster, downloads a form, or changes a permission, we keep a record of who did what and when. Committee chairs can download this log any time.
Your troop owns your data. Click ‘Export everything’ in settings and you get a ZIP with every roster, photo, message, and document — no questions, no waiting, no fee. If you ever leave Compass, you walk out with everything.
Public troop pages show first name and last initial only. Phone numbers and addresses are never displayed to anyone outside the troop — not even to other parents in the troop unless that family opts in.
A scout's photo only appears in the gallery, on the website, or in newsletters if their parent has signed the photo release in Compass. Change your mind? One click and every photo of that scout is hidden everywhere.
A leader cannot send a one-on-one message to a scout. Every direct conversation with a youth automatically copies a second registered adult and the parent — matching Scouting America's Youth Protection rules.
Committee chairs can see at a glance which registered adults have a current Youth Protection Training certificate. Anyone overdue is flagged and can't be added to a campout roster.
Software has bugs and people make mistakes. If we ever discover a problem with your troop's data, we'll tell you what happened, what was involved, and what we recommend — in plain English, as soon as we know.
Compass doesn't process payments. Money moves through your existing channels (check, Venmo, Zelle, Scoutbook payments). We have no PCI surface to attack because we never touch a card number.
Anything involving a scout under 13 requires a verified parent account. No exceptions, no workarounds.
We respect GDPR (Europe) and CCPA (California) data-subject rights and will sign a Data Processing Agreement if your council requires one.