HOW WE USE PARENT / CARER AND CHILDREN’S INFORMATION
We are committed to ensuring that any personal data we hold about you and your child is protected in accordance with the General Data Protection Regulation (GDPR) 2018 and is used in line with your expectations. This privacy notice explains what personal data we collect, why we collect it and how it is used and protected.
THE CATEGORIES OF INFORMATION THAT WE COLLECT, HOLD AND SHARE
The information that we process includes:
- Personal information (such as name, date of birth and address)
- Characteristics for children (such as language, nationality, country of birth and funding eligibility)
- Attendance information (such as sessions attended, number of absences and absence reasons) for children
- Relevant medical information for children (such as doctors’ information, child health, dental health, allergies, medication and dietary requirements)
- Special Educational Needs information for children (such as Individual Support Plans)
- Child developmental records (such as Learning Journeys)
- Assessment information for children
- Proof of identity for adults
- Birth certificates for funding for children
- Details of any accidents / incidents / existing injuries
- Relevant documentation for child protection and safeguarding concerns
- Emergency contact details
- Funding information and details
- Communication and promotion (such as website and Facebook)
WHY WE COLLECT AND USE THIS INFORMATION
We use the data:
- to support children’s learning
- to monitor and report on their progress
- to assess the quality of our services
- to comply with the law regarding data sharing
- to comply with the statutory requirements of the Early Years Foundation Stage (EYFS) and Ofsted
- to ensure children are eligible for funding
- to process preschool fees
- to ensure children’s health, safety and wellbeing
- to communicate Nippertime Preschool updates and information
- to contact parents/carers in the event of an emergency
THE LAWFUL BASIS ON WHICH WE USE THIS INFORMATION
Under the guiding principles of GDPR (2018) there are three reasons for collecting parent/carer and child data:
- Contractual – Terms and Conditions/Registration form
- Legal - Early Years Foundation Stage (EYFS) Statutory Safeguarding and Welfare Requirements (2017)
- Legitimate business reason – Policy and procedures
By completing and signing the preschool registration form you are giving consent for us to process yours and your child’s personal data for the specific purposes of being part of the preschool setting.
COLLECTING CHILDREN’S INFORMATION
Whilst the majority of children’s information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with GDPR (2018), we will inform you whether you are required to provide certain information to us or if you have a choice in this.
STORING CHILDREN’S DATA
To comply with EYFS (2017) and Ofsted requirements, Nippertime Preschool have a duty to retain certain data for specific periods of time after a child has left the setting for example, registration details, accidents and medication forms are held until a child has reached the age of 21. Paper documents that are no longer required are securely shredded. All information relating to children, parent/carers is stored securely in the Preschool cupboard which is locked at the end of each day by one of the following the key holders, Fiona Napier, Samantha Gibbins, Elena Rose or Theresa Lloyd.
WHO WE SHARE CHILDREN’S INFORMATION WITH
We do not share information about children with anyone without prior consent unless we are obliged to as part of a lawful process/investigation.
We routinely share children’s information with:
- Department for Education (DfE)
- Schools that children attend after leaving us
- Our local authority
- Health Visitors
- Social Workers
- Inclusion teams, SEN panels, funding etc
- Surrey Safeguarding Children Board / LADO
- Other providers that children attend
- Multi agency professionals working with individual children
- Area SENCO’s
DEPARTMENT FOR EDUCATION
The Department for Education (DfE) collects personal data from educational settings and local authorities via various statutory data collections. We are required to share information about our children with the DfE either directly or via our local authority for the purpose of those data collections, under:
- Section 99 of the Childcare Act 2006
- The Education (Provision of Information About Young Children) (England) Regulations 2009
If you require more information about how the DfE use this information please visit DfE’s website https://www.gov.uk/guidance/data-protection-how-we-collect-and-share-research-data
REQUESTING ACCESS TO YOUR PERSONAL DATA
Under GDPR (2018), parents/carers have the right to request access information held about them and their child. To make a request for your personal information, or be given access to your child’s educational record contact our Data Protection Officer. Contact details can be found at the end of this document.
You also have the right to:
- object to processing of personal data that is likely to cause, or is causing, damage or distress
- prevent processing for the purpose of direct marketing
- object to decisions being taken by automated means
- in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
- a right to seek redress, either through the Information Commissioner’s Office (ICO), or through the courts
If you wish to exercise any of these rights or if you have any questions, comments or concerns about this privacy notice contact our Data Protection Officer Fiona Napier on email@example.com.
If you continue to have concerns about the way your data is handled you have the right to complain to the Information Commissioner Office helpline on 0303 123 113.
We keep this notice under regular review.
You will be notified of any changes where appropriate.
CHECKED EVERY SEPTEMBER OR WHEN NEW INFORMATION IS RECEIVED LAST UPDATED 21/9/2018 © NIPPERTIME PRESCHOOL LIMITED