From the 25th May 2018 the new General Data Protection Register, (GDPR) will become law. As an organisation that gathers and uses data (information) we are required to review our data handling and related procedures.
The new law states that you have 9 rights in relation to the data we hold. These are:
As a nursery we require some essential data from parents. This 'data' can be as simple and as routine as your address, a contact phone number or any medical conditions your child may have. Such information is not only legally required by the nursery, but also ensures that children and their families are well served by the nursery for routine matters.
In most cases, this data will be provided by you in a written form but will then be 'processed' and entered onto the nursery's information management systems (computer system). Be assured that our systems are:
However, as a nursery we handle and use a much wider variety of data which may include our CCTV recordings, test data, referrals to social care and much more. We will now let you know how we manage this kind of data.
We will always endeavour to tell you what we are doing with your data. However, on occasions we may be required to pass on data to other people / agencies. The circumstances in which we would be likely to do so include:
We will always try to notify you when we have passed on data to somebody else. However, it is likely that on occasion time-scales may limit our ability to do so.
We are required to appoint a Data Protection Officer (DPO) to monitor our policies and procedures in relation to data. Our DPO is Mr I Ashraf.
If you have any concerns or questions, you should direct them to the DPO in the first instance, via [email protected]. He will help you with any requests you may have and advise you of your rights.
The nursery must operate within the law (GDPR). This means that we must:
The nursery will not usually charge for any request by parents. However, it would consider making a charge when requests are considered to be unfounded or excessive.
For further information on GDPR and data protection, please visit the Information Commissioner’s Office website https://ico.org.uk/for-the-public/