General Data Protection Regulations (GDPR)

 

 

 

 

Safeguarding and Welfare Requirement: Information and records

Records must be easily accessible and available to those. who have a right or professional need to see them. Providers must ensure that all staff understand the need to protect privacy of the children in their care as well as the legal requirements that exists to ensure confidentiality.

Statement of Intent:

Ladybirds Preschool complies with the obligations of the General Data Protection Regulations (GDPR, 2018). We have systems in place to ensure that our collection, storage and retention of personal and general data meets all legal requirements. Although consent is a huge part of GDPR, as a preschool we have lawful obligations that require us to collect, process and store personal data.

 

Data Controllers determine the purposes and means of processing personal data. Ladybirds data controllers are; Zoe Marler-Hausen (Manager of our Porchester Road setting) and Diana Buckell (Manager of our Parkside setting).

 

Data processors are responsible for processing personal data on behalf of a controller. Ladybirds data processors are; Carmel Gardener (Administrator for Porchester Road)

 

Reasons for collecting data

 

We only collect data that is necessary for us to carry out our duties as a preschool.  We collect information from you and may receive information about you from your previous Early Years Provider or education provider, local authorities and the Department for Education (DfE).

 

A great deal of the information we collect is included in the Parent Declaration Form, completed on your child’s admission to an Early Years Provider which, when signed, indicates that you understand how your families data will be processed. In addition, we collect information for 30 hours eligibility, 2 year old funding eligibility, on learning and development, on safeguarding and welfare & special educational needs and disabilities.

 

What we use data for

 

We hold this personal data and use it to:

 

  • Support teaching and learning.  In order to facilitate this, we may share information with a software supplier to set up the systems needed for children and parent/carers to access. When your child applies for a school place, information may be forwarded to your child’s new school to aid transition into their next phase of education. If your child changes Early Years Provider or attends more than one provider, information may be shared between Early Years Providers.
  • Monitor and report on learning and development.
  • Provide appropriate pastoral care (Keeping Children Safe in Education 2019).
  • Assess how well we, as an education provider, are doing.
  • Co-operate with Southampton City Council and external partners to improve the well-being of children, under the duty of the Children Act 2004 Working Together to Safeguard Children (updated Feb 2019)
  • Share information with Southampton City Council and external partners to support the duty to safeguard and promote the welfare of children, under the Children Act 1989 and 2004, Section 17.  Working Together to Safeguard Children (updated Feb 2019)
  • Provide information via statutory census returns to the DfE and in turn this will be available for the use of Southampton City Council to carry out its official functions, or a task in the public interest. 
  • Send Child level information to Southampton City Council on a regular basis in accordance with our information sharing agreement to enable the local authority to meet its duty under Data Protection legislation to ensure that the data it holds is accurate and also to carry out its official functions, or a task, in the public interest.

 

Your information will not be used for any other purpose or shared with any other organisation unless provided for by law or covered in this Privacy Notice.

 

The Early Years Provider’s member of staff responsible for data protection, who should be contacted in writing if you would like to receive a copy of the information about you that we hold or share, is:

 

  • Settings Administrator –  Carmel (Porchester)

 

For information on how long the Early Years Provider will store the information collected please refer to the providers Retention of Records Policy.

 

Should you have any concerns with how your data is being processed, the following steps should be taken:

 

Step 1:             Contact the Early Years Provider Data Protection Officer.

Step 2:             If concerns remain unresolved, follow the Early Years Provider Complaints procedure.

Step 3:             Contact the Information Commissioner's Office (www.ico.org.uk)

 

For further information on the circumstances under which you have the right to request access to, or rectification\erasure of, your personal data please visit the Information Commissioner’s website.

 

Permissions

 

Where we do not have a lawful basis to hold data, we will ensure that we have permission to do so.  Examples of this include (but are not limited to);

 

  • Photographs of children. No photographs will be taken or displayed without the parents/carers permission. We routinely delete photographs stored on our computer systems.
  • Every Child a Talker audit.

Where permission has been given, access to records is available and permission can be withdrawn by informing preschool in writing.

 

Retention Periods for Records

 

The following table outlines the retention periods that the preschool will follow, if a request to deletion of records has not been made.  Some records have a legal retention period, others are a recommended retention period.

 

 

Children’s records

 

Retention period

Status

Authority

Children’s records  including registers and medication record books

A reasonable period of time after children have left the provision.  Ladybirds will keep these records until after the next Ofsted inspection.

Requirement

Statutory Framework for the Early Years Foundation Stage

Children’s records of accidents and injuries

Until the child reaches the age of 21

Recommendation

Limitations Act 1980

Child protection records

Until the child reaches the age of 24

Recommendation

Limitations Act 1980

Records of any reportable death, injury, disease or dangerous occurrence

3 years after the date the record was made

Requirement

The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1995 RIDDOR

Personnel records

Retention period

Status

Authority

Personnel files and training records (including disciplinary records and working time records)

6 years after employment ceases

Recommendation

Chartered Institute of Personnel and Development

DBS check

6 months

Recommendations

DBS Code of Practice

Wage/salary records (including overtime, bonuses and expenses)

6 years

Requirement

Taxes Management Act 1970

Statutory Maternity Pay (SMP) records

3 years after the end of the tax year to which they relate

Requirement

The Statutory Maternity Pay (General) Regulations

Statutory Sick Pay (SSP) records

3 years after the end of the tax year to which the relate

Requirement

The Statutory Sick Pay (General) Regulations 1982

Income tax and National Insurance returns/records

At least 3 years after the end of the tax year to which they relate

Requirement

The Income Tax (Employments) Regulations 1993

Staff accident records

3 years after the date the record was made

Requirement

Social Security (Clams and Payments) Regulations 1979

Records of any reportable death, injury, disease or dangerous occurrence

3 years after the date the record was made

Requirement

Social Security (Claims and Payments) Regulations 1979

Assessments under Health and Safety Regulations and records of consultations with safety representatives and committees

Permanently

Recommendation

Chartered Institute of Personnel and Development

Financial Records

 

 

 

Accounting records

6 years from the end of the financial year

Requirement

Companies Act 2006

Charities Act 2011

Administration Records

 

 

 

Employers liability insurance records

Permanently

Recommendation

Health and Safety Executive

Minutes of company meetings

10 years

Requirement

Companies Act 2006

 

 

Confidentiality

 

 

To ensure that all those using – and working in – the pre-school can do so with confidence, we adhere to the following procedures:

 

  • Parents/carers have ready access to the files and records of their own children but do not have access to information on any other child.
  • Any concerns/evidence relating to a child’s personal safety and personal information regarding a child are kept in a secure, confidential file and are only shared on a need to know basis. 
  • Issues to do with the employment of staff remain confidential to the people directly involved with making personnel decisions.
  • All information regarding the children, their families or other members of staff, that maybe learned as part of the job is kept completely confidential by all staff members, students and volunteers. Information is not be discussed with anyone other than those directly involved and is always discussed in an appropriate place and in an appropriate way e.g. information is never discussed using sources such as the Internet, Facebook etc.
  • The staff team keep all mobile phones in the pre-school office during session times.  Personal mobile phones are never be used to take photographs of the children.
  • Visitors to the pre-school will be reminded that they are not to use mobile phones at any time whilst in our setting and phones will be stored in our office for the duration of their visit.

 

 

This policy links to a number of other policies to which the Preschool adheres to, particular reference would be;

 

Images of children policy

Safeguarding policy

Pupil premium

 

 

 

 

Document ID-

Policy adopted at meeting – Jun 2007

Reviewed by : Ladybirds Directors

 

Date reviewed

05/11/2019

 

 

Sep 17

 

 

March 18

 

 

 

Print Print | Sitemap
© Ladybirds Preschool Southampton