REVIEWED MAY 2018
GDPR stands for General Data Protection Regulation and replaces the previous Data Protection Directives that were in place. It was approved by the EU Parliament in 2016 and comes into effect on 25th May 2018.
GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that individual’s data is not processed without their knowledge and are only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals. The Village School of Dance is committed to protecting the rights and freedoms of individuals with respect to the processing of children’s, parents, visitors and staff personal data.
The Data Protection Act gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.
The Village School of Dance is registered with ICO (Information Commissioners Office).
GDPR includes 7 rights for individuals
1) The right to be informed
For our own purpose of invoicing, receipts, payment requests, class enrollment information and any other critical regarding your attendance at our school we need to collect the following data. Full name of parent/guardian, 2 contact phone numbers, email address. We need to know children’s full names, address, date of birth and any SEN requirements.
The Village School of Dance is required to hold data on its teachers; names, addresses, email addresses, telephone numbers, date of birth, DBS checks.
The Village School of Dance stores data in a password encrypted system.
The Village School of Dance is a registered school for dance examinations with Royal Academy of Dance and Imperial Society of Teachers of Dancing and as so, is required to collect and manage certain data. For the purpose of these two organisation we are required to know children’s full names, Date of Birth, classification of ethnicity along with any SEN requirements. We only provide these details with the organisation at point of entry into examination. Data is then stored by them and their privacy policies can be viewed here. Data is transferred electronically.
2) The right of access
At any point, an individual can make a request relating to their data via a Data Subject Request which can be provided. The Village School of Dance will provide a response (within 1 month). The Village School of Dance can refuse a request if we have a lawful obligation to retain data, but we will inform the individual of the reasons for the rejection. The individual has the right to complain to ICO if they are not happy with the decision.
3) The right to erasure
You have the right to request the deletion of your data where there is no compelling reason for it’s continued use. However, The Village School of Dance has a legal duty to keep children’s and parents details for a reasonable time *.
*The Village School of Dance retain these records for 6 years after a student has left the school, children’s accident and injury records for 19 years (or until the child reaches 21 years), and 22 years (or until the child reaches 24 years) for Child Protection records.
4) The right to restrict processing
Parents, DDMIXers, visitors and staff can object to The Village School of Dance processing their data. This means that the records can be stored but must not be used in any way, for example exam reports or for communications (advertising and newsletters).
5) The right to data portability
The Village School of Dance requires data to be transferred from one IT system to another; such as from The Village School of Dance to dance associations for examinations. As noted above, these recipients use secure file transfer systems and have their own policies and procedures in place in relation to GDPR.
6) The right to object
Parents, DDMIXers, visitors and staff can object to their data being used for certain activities like marketing or research.
7) The right not to be subject to automated decision-making including profiling
Automated decisions and profiling are used for marketing based organisations. The Village School of Dance does not use personal data for such purposes.
Storage and use of personal information
Up until September 2018, all data (child’s full name, date of birth and emergency contact number) will be collected via email and then stored in password protected software. From September 2018, all data will be collected via Dance studio Pro software which is all password protected. Information taken from the files about individuals is confidential and these records are deleted after the retention period.
The Village School of Dance collects a large amount of personal data every year, including names, email addresses of those on the waiting list or people who have contacted us about our classes. These records are deleted if the child/adult does not attend the class, unless permission has been given for them to remain on a mailing list.
GDPR means that The Village School of dance must;
- Manage and process personal data properly
- Protect the individual’s right to privacy
- Provide an individual with access to all personal information held on them
If you have any questions, please free to contact myself,
Katherine firstname.lastname@example.org or
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can manage website cookies in your browser settings, and you always have the choice to change these settings by accepting, rejecting or deleting cookies. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
We understand you may want to know more about cookies. Here are some useful resources that provide detailed information about types of cookies, how they are used, and how you can manage your cookie preferences: www.aboutcookies.org and www.allaboutcookies.org
Other tracking technologies
- Web server and application logs. Our servers automatically collect certain information to help us administer and protect the services we provide via our website and improve your user experience. The information collected includes:
- IP address and browser type
- Device information including unique Device identifier (UDID), MAC address, Identifier For Advertisers (IFA) and similar identifies we or others assign.
- Device operating system and other technical facts
- The country, state/county and city from which you access our site
- Pages visited and content viewed, stored and purchased
- Information or text entered
- Links and buttons clicked
- URLs visited before and after you use our website
- Web Beacons. Our web pages may contain electronic images known as web beacons (also called single-pixel gifs and transparent graphic images) that we use to help deliver cookies on our sites, count users who have visited those sites, deliver services, and analyze the effectiveness of our promotional campaigns, for example. We may also include web beacons in our marketing email messages or newsletters to determine whether an email is opened or if links are clicked.
- Local shared objects/Flash cookies. Flash cookies, also known as local shared objects, are designed to support browser content supported by Adobe® Flash. They are usually used to enable ads and video content on websites. Like other cookies, they will store information on your device, some of which will be specific to the Flash-enabled content. Flash cookies can only be deleted within Adobe Flash rather than via your browser.