Privacy Policy

Safeguarding and Welfare Requirements

Information and records 3.68 – 3.71 –
In line with the Safeguarding and Welfare Requirements 2017

Wooden Tops Day Nursery’s Privacy Notice Statement
Wooden Tops Day Nursery,
Park Lane Centre,
Park Lane,
Woodside,
Telford,
TF7 5QZ
01952 583711

From 25th May 2018 the Data Protection Act 2018 (DPA) and the General Data Protection Regulations (GDPR) come into force and replaces the Data Protection Act 1998 (DPA) and the Electronic Communications Regulations 2003 (PECR).

There are new obligations for all companies regarding personal data and new rights for individuals and provides a new set of laws which will provide reassurance to everyone.

What is personal data?

Personal data is any data that can be linked to a single person and which identifies them in some way.
For example name and personal email address and/or any of the following: postal address, telephone numbers, bank account details, payment card details, marital status and date of birth.

However, a name and a generic email (info@) is not personal data and an email address alone is NOT personal data unless it can be directly linked to more data stored elsewhere)

Data protection officers names:-

Sharon Welch Faye Mooney
Angela Gregory Lauren Roberts

Introduction
We are committed to ensuring that any personal data we hold about you and your child is protected in accordance with data protection laws and is used in line with your expectations.
This privacy notice explains what personal data we collect, why we collect it, how we use it and how we protect it.

What personal data do we collect and why?
We collect personal data about you and your child to provide care and learning that is tailored to meet your child’s individual needs. We also collect information in order to verify your eligibility for free childcare as applicable.
Personal details that we collect about your child include:
 your child’s name, date of birth, address, health and medical needs, development needs, and any special educational needs,

Where applicable we will obtain child protection plans from social care and health care plans from health professionals.
We will also ask for information about who has parental responsibility for your child and any court orders pertaining to your child.
Personal details that we collect about you include:
 your name, home and work address, phone numbers, emergency contact details, and family details

This information will be collected from you directly in the registration form. If you apply for up to 30 hours of free childcare, we will also collect:
• your national insurance number, your date of birth and your 30-hour access code.

We also require your consent for your children’s photographs to be used and displayed both internally for display boards and externally for our nursery prospectus, and newspaper coverage of events and activities that take place, this consent can be withdrawn at any time with immediate affect.

On registration to the setting, all parents/carers will be required to read and sign their own detailed privacy notice which will be stored with their child’s registration form in a securely locked cabinet.

Employees are also required to sign their own individual privacy notices which are stored in the employee’s personal files also stored in securely locked cabinets.

Safeguarding and Welfare Requirement: Information and Records
Providers must maintain records and obtain and share information to ensure the safe and efficient management of the setting, and to help ensure the needs of all children are met

10.10 Information sharing
‘Sharing information is an intrinsic part of any frontline practitioners’ job when working with children and young people. The decisions about how much information to share, with whom and when can have a profound impact on individuals’ lives. It could ensure that an individual receives the right services at the right time and prevent a need from becoming more acute and difficult to meet. At the other end of the spectrum, it could be the difference between life and death.’
Information Sharing: Advice for practitioners providing safeguarding services to children, young people,
parents and carers (HM Government 2015)

Policy statement
We recognise that parents have a right to know that the information they share with us will be regarded as confidential, as well as to be informed about the circumstances when, and the reasons why, we are obliged to share information.
We record and share information about children and their families (data subjects) in line with the six principles of GDPR and alongside the DPA 2018 which are further explained in our Privacy Notice that is given to parents at the point of registration. The six principles state that personal data must be:

1. Processed fairly, lawfully and in a transparent manner in relation to the data subject.
2. Collected for specified, explicit and legitimate purposes and not further processed for other purposes incompatible with those purposes.
3. Adequate, relevant and limited to what is necessary in relation to the purposes for which data is processed.
4. Accurate and where necessary, kept up to date.
5. Kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed.
6. Processed in a way that ensures appropriate security of the persona data including protection against accidental loss, destruction or damage, using appropriate technical or organisational measures

We are obliged to share confidential information without authorisation from the person who provided it, or to whom it relates if it is in the public interest. That is when:
 it is to prevent a crime from being committed or to intervene where one may have been, or to prevent harm to a child or adult; or
 not sharing it could be worse than the outcome of having shared it.

COVID – 19 practice in line with Government guidance

Contact information will be required from visitors attending the setting to enable prompt track and trace systems to be triggered if there was a suspected or confirmed COVID – 19 case at the time the visitor attending the setting.

To ensure anyone who has been in contact with any suspected or confirmed case of
COVID – 19 at the time they visited the setting they will be required to leave their name and contact telephone number and the company they represent.

COVID – 19 health questionnaires are also required to be completed on arrival which asks for personal information that will deem whether the visitor is free of COVID – 19 signs and symptoms before they access the main nursery area.

Questionnaires and contact detail records will be completed in the Isolation Area.

All personal data obtained will be kept in a secure area where it is inaccessible by unauthorised persons.

Records will be kept for 21 days in line with Government guidance and destroyed in line with GDPR requirements on the 22nd day.

Documented 15.05.18
Updated 26.09.18
Reviewed and updated 12.08.2020 – Sharon Welch