At Rockinghorse Daycare we recognise that we hold sensitive/confidential information about children and their families and the staff we employ. This information is used to meet children’s needs, for registers, invoices and emergency contacts. We store all records in a locked cabinet or on the office computer with files that are password protected in line with data protection principles. Any information shared with the staff team is done on a ‘need to know’ basis and treated in confidence. This policy will work alongside the Privacy Notice to ensure compliance under General Data Protection Regulation (Regulation (EU) 2016/679 (GDPR) and Data Protection Act 2018.
It is our intention to respect the privacy of children and their families and we do so by:
All the undertakings above are subject to the paramount commitment of the nursery, which is to the safety and well-being of the child.
General Data Protection Regulation (Regulation (EU) 2016/679 (GDPR) compliance
In order to meet our requirements under GDPR we will also undertake the following:
1. We will ensure our terms & conditions, privacy and consent notices are easily accessed/made available in accurate and easy to understand language
2. We will use your data to ensure the safe, operational and regulatory requirements of running our Nursery, these include [insert some examples]. We will only contact you in relation to the safe, operational and regulatory requirements of running our Nursery, these include [insert some examples]. We will not share or use your data for other purposes. Further detail can be found in our GDPR policy.
3. Everyone in our nursery understands that people have the right to access their records or have their records amended or deleted (subject to other laws and regulations).
4. We will ensure staff have due regard to the relevant data protection principles, which allow them to share (and withhold) personal information, as provided for in the Data Protection Ac 2018 and the GDPR. This includes:
· Being confident of the processing conditions which allow them to store and share information for safeguarding purposes, including information which is sensitive and personal, and should be treated as ‘special category personal data.’
· Understanding that ‘safeguarding of children and individuals at risk’ is a processing condition that allows practitioners to share special category personal data. This includes allowing practitioners to share information without consent where there is good reason to do so, and that the sharing of information will enhance the safeguarding of a child in a timely manner but it is not possible to gain consent, it cannot be reasonably expected that a practitioner gains consent, or if to gain consent would place a child at risk.
Staff and volunteer information
· All information and records relating to staff/volunteers will be kept confidentially in a locked cabinet
· Individual staff may request to see their own personal file at any time