At the Dance Academy we ensure that your data is protected. The new GDPR (General Data Protection Regulator) is coming into force on 25th May 2018 and replaces Data Protection. We at the Academy are making sure your personal data is secure.
GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that individuals data is not processed without their knowledge and are only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals. The Dance Academy is committed to protecting the rights and freedoms of individuals with respect to the processing of children's, parents, visitors and staff personal data.
The Data Protection Act gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.
The Dance Academy is registered with the ICO (Information Commissioners Office) under registration reference: A1087862
The GDPR rights for Individuals:
2. The Right to Access An individual can make a request about their data, The Dance Academy will need to respond within one month. If we have a lawful obligation to refuse data we can refuse but will inform them of the reasons for rejection.
3. The right to Erasure You have the right to ask for your data to be erased. However The Dance Academy has a legal duty to keep children’s and parents data for a reasonable time. The Dance Academy will retain these records for 6 years
after leaving the school, accident and injury records until they reach 21 (or for 19 years) and aged 24 years for Child Protection Records (for 22 years) Staff records are kept for 6 years after they leave our employment. Data is kept securely at The Dance Academy office and shredded after the legal retention period.
4. The right to restrict processing Parents, visitors and staff can object to The Dance Academy processing their data. This means that the records can be stored but not used in any way (for example communications)
5. The Right to restrict Processing The Dance Academy is required to transfer data from one IT system to another. One for the Local Authority for shows (Performance Licenses) and Dance Associations ISTD and RAD for examinations. These recipients have their own policies in place.
6. The Right to object. Parents, visitors and staff can object to their data being used for certain activities like marketing and research.
7. The right not to be subject to automated decision-making including profiling The Dance Academy does not use personal data for marketing to other companies.
PERSONAL DATA AT THE DANCE ACADEMY STORAGE The Dance Academy stores consent, application, medical, safe guarding forms safely in a locked filing system. Database and register storage is encrypted with a password on a computer. Paper registers are locked away after use.
3rd PARTIES The Dance Academy only gives personal data as follows: Registers for teachers for Health and Safety reasons. Admin staff access to emails for work with the TDA. ISTD and RAD for specialist PIN numbers for examinations. Dance Festivals (Only if entered) for entries Local Authority at the Council for Performance licenses for shows Names will be used in show programmes
CONSENT The Dance Academy will retain these records for 6 years after leaving the school, accident and injury records until they reach 21 (or for 19 years) and aged 24 years for Child Protection Records (for 22 years) Staff records are kept for 6 years after they leave our employment. Data is kept securely at The Dance Academy office and shredded after the legal retention period.
REGISTERS Registers with Name, DOB and Emergency Contact only are encrypted on a computer. Each teacher has their own copy of their own registers on paper or encrypted on a digital device. They hold them securely with them at all times and never let out of their site. Each teacher is trained to do so and to shred the register when no longer in use. All teachers have signed a confidentiality agreement.
EMAILS Emails are stored on a password protected digital devices, under a password protected account. Emails are kept however long is necessary for the topic within the email and if in the school if needed for referral. Only admin staff at The Dance Academy has access to the passwords and is changed when a staff leaves employment.
SHARING PHOTOS Parents under no circumstance are allowed to share photos of other children in The Academy. Under The Dance Academy photo policy, we share images only if consent has been given on social media sites and our website for promotion etc. When Consent is given, teachers may take photos/videos of students and classes of dances etc and shared only between the teachers for research and teaching purposes.
TEACHERS Teachers data is kept securely locked in a filing system and also if any information is online it will be encrypted.
While studying at The Dance Academy Bucks, photographs may be taken of students for use in promotional materials, and on our websites and social media sites for advertising. These photographs may be kept for an indefinite period. Under the
Data Protection Act 1998, this information will not be used for any purpose other than that stated on the form. Please give your consent by filling in the details below.
A consent form will be needed from all students under the age of 18 years of age. Any photographer who is provided by the school will have a DBS check and will only take pictures of those whose parents/guardians have given consent to do so. The dance teacher will be present at all times whilst the photographer is in attendance. If you have any questions regarding this, please contact The Dance Academy Bucks Principal: Rebecca Easter.
The Dance Academy may send you emails for classes, workshops, emergency information, examination information, festival information etc. All have a right to opt out of this at any point.
GDPR means that The Dance Academy must: Manage and process personal data properly Protect the individual’s right to privacy Provide an individual with access to all personal information held on them.
This policy was adapted in May 2018