Chapelfield Children's Day Nursery Telephone 01603 611147

Useful information from CCDN

Data Protection Privacy Statement

At Chapelfield Nursery, we are committed to maintaining the trust and confidence of our Children Parents and Staff. We want you to know that Chapelfield Nursery will not share email lists with other companies and businesses for any purpose. In this Privacy Policy, we’ve provided lots of detailed information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

Why this policy exists
This data protection policy ensures Chapelfield Nursery:

  • Complies with data protection law and follows good practice
  • Protects the rights of Staff, Parent and Children
  • Is open about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach

Data Protection Law 
The Data Protection Act 1998 describes how organisations must collect, handle and store personal information. These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully. The Data Protection Act is underpinned by eight important principles. These say that personal data must:

  • Be processed fairly and lawfully
  • Be obtained only for specific, lawful purposes
  • Be adequate, relevant and not excessive
  • Be accurate and kept up to date
  • Not be held for any longer than necessary
  • Processed in accordance with the rights of data subjects
  • Be protected in appropriate ways
  • Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection

Sharing information with others
As a Nursery it is necessary for us to collect personal information about you and your child. Sometimes we have to confirm or share information with other organisations. If we need to do this, we will make it clear to you on the forms you complete giving us the information. We will inform you before sharing any of yours or your child’s information.

In some cases, a third-party organisation, such as a funding body, may require you to sign an agreement to allow your information to be shared e.g. on a funding form. Please read all paperwork thoroughly before signing, so that you know exactly how your information will be used.

Information
We will make sure that the information about you is accurate and up to date when we collect or use it. You can help us with this by keeping us informed of any changes to the information we hold about you.

Types of information we collect and store
Yours and your child’s full names; Your child’s date of birth; Your address; Your contact numbers and those of your emergency contacts; Your email address; Your child’s medical conditions; In some cases, your National insurance number. You are entitled to view, amend, or delete the personal information that we hold. Email your request to The Management Team at office@chapelfieldnursery.co.uk.

In addition to the above we store the following on each child (some if only applicable): On-going progress and development; photographs; Accident and Incident records; health records, Special Needs records, Safeguarding records, Behaviour records and school transition information/reports.

Information security
We will keep information about you and your child secure. We will protect your information against unauthorised change, damage, loss or theft. All information collected in paper form is kept locked away at night. All our computers, and tablets are password protected.

Openness
We will tell you what kinds of information we hold and what we do with it.

General
We will comply with the Data Protection Act 1998 and any subsequent legislation on information handling and privacy. We will do this through Chapelfield Children’s Day Nursery’s Data Protection Policy. We will help you where possible with any questions or problems that you may have with the Data Protection Act 1998, the Human Rights Act 1998 or the Freedom of Information Act 2000. If we cannot help you, we will give you advice on where to write to, to get the information you may need.

Our Commitment
We will only collect information that is necessary for what we do and will be fair in the way we collect it. We will tell you what we intend to do with the information about you. where practicable, we will collect information directly from you. If we collect information about you from someone else, we will make sure you know that we have done this whenever possible.

Mailing
We use a third-party provider, MailChimp, to deliver our newsletter etc. For more information, please see MailChimp’s privacy notice. You can unsubscribe to general mailings at any time by clicking the unsubscribe link at the bottom of any of our emails.

Tapestry
We use Tapestry to record Children’s personal development with an Online Learning Journal. For more information on their data protection please see their privacy notice https://tapestry.info/privacy/

Child’s play
We use Child’s Play as our computer software for the storage of children’s and families details. Please see their data protection policy, which is stored in the office at Nursery.

Keeping information
We will hold information about you and your child only for as long as the law says. After this, we will dispose of it securely.

General staff guidelines

  • The only people able to access data covered by this policy should be those who need it for their work.
  • Data should not be shared informally. When access to confidential information is required, employees can request it from the management team.
  • Employees should keep all data secure, by taking sensible precautions and following the guidelines below.
  • Passwords must be used at collection times for children if they are not regular collectors and they should never be shared.
  • Personal data should not be disclosed to unauthorised people, either within the company or externally.
  • Data should be regularly reviewed and updated if it is found to be out of date. If no longer required, it should be deleted and disposed of.
  • Employees should request help from a Manager if they are unsure about any aspect of data protection.
  • When data is stored on paper, it should be kept in a secure place.

These guidelines also apply to data that is usually stored electronically but has been printed out:

  • When not required, the paper or files should be kept in a locked drawer or cabinet.
  • Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer.
  • Personal Data and Photograph printouts should be shredded and disposed of securely when no longer required.

Data storage

  • Electronic Data is protected by passwords that are changed regularly and never shared externally.
  • If data is stored on removable media (like a CD or USB drive), these are kept locked away securely when the nursery is closed.
  • Data is only stored on designated drives and servers, and is only to be uploaded to an approved cloud computing service.
  • All servers and computers containing data are protected by approved security software and a firewall.
    Personal data should not be shared informally. In particular, it should never be sent by email, as this form of communication is not secure.
  • Data must be encrypted before being transferred electronically.

THIS PRIVACY NOTICE WAS REVIEWED ON 1ST MAY 2018 BY THE MANAGAMENT TEAM AT CHAPELFIELD CHILDREN’S DAY NURSERY AND WILL BE REVISED 1ST MAY 2019