Your browser version is outdated. We recommend that you update your browser to the latest version.
blossompatch

DATA PROTECTION POLICY

The Nursery is a ‘Data Controller’ We, Creative Explorers Day Nursery, 18 Gisburn Road, London, N8 7BS are the ‘Data Controller’ under the terms of the General Data Protection Regulation.

The Creative Explorers Day Nursery Data Protection Officer is Varinder Dhaliwal (May 2018)

 

FAMILY PERSONAL INFORMATION

We collect personal information on children and parents under the terms of fair and lawful processing of personal data for lawful purposes as a Nursery.

WHAT DATA IS COLLECTED AND HELD

We hold this personal data and use it to:

• Support children’s teaching and learning;
• Monitor and report on children’s progress;
• Provide appropriate emotional and physical care, and
• Assess and evaluate effective processes within the nursery.

This information includes contact details, Early Years assessment results, attendance information, images, videos and personal characteristics such as ethnic group, any exclusion information, where children go after they leave us, any Special Educational Needs (SEN) and relevant medical information.

 

SHARING INFORMATION

We only share information about children with carefully selected and monitored organisations that are registered with the Information Commissioners Office (ICO) and is also subject to the relevant laws. Information is shared electronically with the following organisations:

Tapestry – online Early Years assessment tool (https://tapestry.info/privacy.html/)

Abacus – child registration, session booking and invoicing tool managed by Parenta (https://www.parenta.com/policies/)

The companies listed above carry out fair processing for us in order to provide our services as a Nursery. 

We are also required by law to pass some information about you to the Local Authority and the Department for Education (DfE) i.e. in relation to government funding. If you want to see a copy of the information about you that we hold and/or share, please contact the Nursery Data Protection Officer Varinder Dhaliwal at varinder.dhaliwal@creative-explorers.co.uk.

 

RETENTION POLICY

We hold information on your child for 3 years after you leave the Nursery. Data is then erased, except where it is ‘anonymised’ and used for statistical purposes – meaning it has no relation to you or any other individual.

Further guidance is provided in the Policy and Procedures folder, which is available at each Nursery setting.

 

EMPLOYEES PERSONAL INFORMATION

Throughout employment and for as long as is necessary after the termination of employment, the Nursery will need to process data about you. The kind of data that the Nursery will process includes:

• any references obtained during recruitment
• details of terms of employment
• payroll details
• tax and national insurance information
• details of job duties
• details of health and sickness absence records
• details of holiday records
• information about performance
• details of any disciplinary and grievance investigations and proceedings
• training records
• contact names and addresses
• correspondence with the Nursery and other information that you have given the Nursery

The Nursery believes that those records used are consistent with the employment relationship between the Nursery and yourself and with the data protection principles. The data the Nursery holds will be for management and administrative use only but the Nursery may, from time to time, need to disclose some data it holds about you to relevant third parties (e.g. where legally obliged to do so by HM Revenue & Customs, where requested to do so by yourself for the purpose of giving a reference or in relation to maintenance support and/or the hosting of data in relation to the provision of insurance).

In some cases the Nursery may hold sensitive data, which is defined by the legislation as special categories of personal data, about you. For example, this could be information about health, racial or ethnic origin, criminal convictions, trade union membership, or religious beliefs. This information may be processed not only to meet the Nursery's legal responsibilities but, for example, for purposes of personnel management and administration, suitability for employment, and to comply with equal opportunity legislation. Since this information is considered sensitive, the processing of which may cause concern or distress, you will be asked to give express consent for this information to be processed, unless the Nursery has a specific legal requirement to process such data.

We only share information about employees with carefully selected and monitored organisations that are registered with the Information Commissioners Office (ICO) and is also subject to the relevant laws. Information is shared electronically with the following organisations:

Croner – HR management tool/services (https://croner.co.uk/privacy-policy/)


ACCESS TO DATA

You may, within a period of one month of a written request, inspect and/or have a copy, subject to the requirements of the legislation, of information in your own personnel file and/or other specified personal data and, if necessary, require corrections should such records be faulty. If you wish to do so you must make a written request to your line Manager. The Nursery is entitled to change the above provisions at any time at its discretion.


DATA SECURITY

You are responsible for ensuring that any personal data that you hold and/or process as part of your job role is stored securely.

You must ensure that personal information is not disclosed either orally or in writing, or via web pages, or by any other means, accidentally or otherwise, to any unauthorised third party. You should note that unauthorised disclosure may result in action under the disciplinary procedure, which may include dismissal for gross misconduct. Further guidance is provided in the Policy and Procedures folder, which is available at each Nursery setting.

 

GENERAL WAYS OF WORKING

The Nursery is fully committed to compliance with the requirements of the General Data Protection Regulation (GDPR) and all other data protection legislation currently in force. The Regulation applies to anyone processing personal data and sets out principles which should be followed and gives rights to those whose data is being processed. To this end, the Nursery endorses fully and adheres to the Data Protection Principles listed below. When processing data we will ensure that it is:

• processed lawfully, fairly and in a transparent way (‘lawfulness, fairness and transparency’)
• processed no further than the legitimate purposes for which that data was collected (‘purpose limitation’)
• limited to what is necessary in relation to the purpose (‘data minimisation’)
• accurate and kept up to date (‘accuracy’)
• kept in a form which permits identification of the data subject for no longer than is necessary (‘storage limitation’)
• processed in a manner that ensures security of that personal data (‘integrity and confidentiality’)
• processed by a controller who can demonstrate compliance with the principles (‘accountability’)

These rights must be observed at all times when processing or using personal information. Therefore, through appropriate management and strict application of criteria and controls, the Nursery will:

• observe fully the conditions regarding having a lawful basis to process personal information
• meet its legal obligations to specify the purposes for which information is used
• collect and process appropriate information only to the extent that it is necessary to fulfil operational needs or to comply with any legal requirements
• ensure the information held is accurate and up to date
• ensure that the information is held for no longer than is necessary
• ensure that the rights of people about whom information is held can be fully exercised under the GDPR (i.e. the right to be informed that processing is being undertaken, to access personal information on request; to prevent processing in certain circumstances, and to correct, rectify, block or erase information that is regarded as wrong information)
• take appropriate technical and organisational security measures to safeguard personal information
• ensure that personal information is not transferred outside the EU, to other countries or international organisations without an adequate level of protection


CCTV

Closed Circuit television cameras are installed at the Creative Explorers Day Nursery settings to provide security for children, staff and visitors. This data will be held for up to 30 days and may be used to investigate any security or child protection incidents that may occur. Video recordings could be handed over to authorities with a legal order.


RIGHT OF COMPLAINT

You have the right to lodge a complaint to the Information Commissioners Office (ICO). Full information about this is available at https://ico.org.uk/concerns/handling/

This information is subject to review.