GPDR POLICY

Southeast Kids Camps Data Protection Policy

At Southeast Kids Camps we respect the privacy of the children attending the Club and the privacy of their parents or carers, as well as the privacy of our staff. Our aim is to ensure that all those using and working at Southeast Kids Camps can do so with confidence that their personal data is being kept secure.
Any information that you provide is kept secure. Data that is no longer required* is erased after your child has ceased attending our Club.
We will use the contact details you give us to contact you via phone, email, social media and post so that we can send you information about your child, our Club and other relevant news, and also so that we can communicate with you regarding payment of our fees.
Our lead person for data protection is George Asargiotakis who is available via this sites contact page or on the phone number 01444 461889. The lead person ensures that the Club meets the requirements of the GDPR, liaises with statutory bodies when necessary, and responds to any subject access requests.

Confidentiality

Within the Club we respect confidentiality in the following ways:
• We will only ever share information with a parent about their own child.
• Information given by parents to Club staff about their child will not be passed on to third parties without permission unless there is a safeguarding issue (as covered in our Safeguarding Policy).
• Concerns or evidence relating to a child’s safety will be kept in a confidential file and will not be shared within the Club, except with the designated Child Protection Officer and the manager.
• Staff only discuss individual children for purposes of planning and group management.
• Staff are made aware of the importance of confidentiality during their induction process.
• Issues relating to the employment of staff, whether paid or voluntary, will remain confidential to those making personnel decisions.
• All personal data is stored securely in a lockable file on a password protected computer and passcode-locked phone/tablet.
• Students on work placements and volunteers are informed of our Data Protection policy and are required to respect it.

Information that we keep

The items of personal data that we keep about individuals are documented and securely kept with MyPlayService – Magicbooking. Parents will attain control over their own personal and children’s) data online that is protected with a password. The personal data is reviewed annually to ensure that any new data types are included.
Children and parents: We hold only the information necessary to provide a childcare service for each child. This includes child registration information, medical information, parent contact information, attendance records, incident and accident records and so forth. Once a child leaves our care we retain only the data required by statutory legislation and industry best practice, and for the prescribed periods of time. Electronic data that is no longer required is deleted and paper records are disposed of securely.
Staff: We keep information about employees in order to meet HMRC requirements, and to comply with all other areas of employment legislation. We retain the information after a member of staff has left our employment for the recommended period of time, then it is deleted or destroyed as necessary.

Sharing information with third parties

We will only share child information with outside agencies on a need-to-know basis and with consent from parents, except in cases relating to safeguarding children, criminal activity, or if required by legally authorised bodies (eg Police, HMRC, etc). If we decide to share information without parental consent, we will record this in the child’s file, clearly stating our reasons.
We will only share relevant information that is accurate and up to date. Our primary commitment is to the safety and well-being of the children in our care.
Some limited personal information is disclosed to authorised third parties we have engaged to process it, as part of the normal running of our business, for example in order to take online bookings and to manage our payroll and accounts. Any such third parties comply with the strict data protection regulations of the GDPR. for your setting.

Subject access requests

• Parents/carers can ask to see the information and records relating to their child, and/or any information that we keep about themselves.
• Staff and volunteers can ask to see any information that we keep about them.
• We will make the requested information available as soon as practical and will respond to the request within one month at the latest.
• If our information is found to be incorrect or out of date, we will update it promptly.
• If any individual about whom we hold data has a complaint about how we have kept their information secure, or how we have responded to a subject access request, they may complain to the Information Commissioner’s Office (ICO).

Contact & Communication With us

Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.

Email Mailing List & Marketing Messages

We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process or when you become a member filling the form. where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, detailed in the footer of sent marketing messages.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.

GDPR

We comply with the requirements of the General Data Protection Regulation (GDPR), regarding obtaining, storing and using personal data.

This policy was adopted by: Southeast Kids Camps
Date: 11th April 2018
To be reviewed: 1st April 2021
Signed: George asargiotakis

Written in accordance with the Statutory Framework for the Early Years Foundation Stage (2017): Safeguarding and Welfare Requirements: Information and records [3.68 -3.71].