top of page

Privacy Policy

BDS General Data Protection Regulation (GDPR) Policy for 2024

 

At Boppin Dance School (BDS), we are committed to protecting the rights and privacy of individuals, in compliance with the General Data Protection Regulation (GDPR). GDPR replaces previous Data Protection Directives and establishes a framework to ensure personal data is handled fairly, lawfully, and transparently.

This policy outlines how BDS manages and processes personal data for children, parents, visitors, and staff, ensuring that data is collected for specified purposes and not processed without consent or knowledge.

Key GDPR Principles

1. The Right to Be Informed

BDS collects and manages personal data required to operate effectively and safely, including:

  • Parents: Names, addresses, phone numbers, and email addresses.

  • Children: Names, addresses, dates of birth, medical conditions, and any SEN requirements.

  • Staff: Names, addresses, contact details, National Insurance numbers, ID documents, and bank details (for payroll and legal purposes, including DBS checks).

Data is securely handled and not shared with third parties except for essential purposes, such as processing DBS checks.

2. The Right of Access

Individuals may request access to their data at any time. BDS will respond within one month, except where data must be retained by law. If a request is refused, the individual will be informed of the reason and their right to contact the Information Commissioner’s Office (ICO).

3. The Right to Erasure

Individuals can request data deletion where there is no legal reason for its retention. However, BDS is required to retain:

  • Children’s records for three years after they leave, or longer for injury/child protection cases (up to 24 years).

  • Staff records for six years after employment ends.
    Data is securely archived and deleted after these retention periods.

4. The Right to Restrict Processing

Individuals can object to the use of their data for purposes such as reports or communication. In such cases, data will be securely stored but not processed further.

5. The Right to Data Portability

Upon request, individuals can receive their data in a structured, commonly used format or request that it be transferred to another organisation.

6. The Right to Object

Individuals can object to their data being used for activities such as marketing or research. BDS does not use personal data for such purposes.

7. The Right Not to Be Subject to Automated Decision-Making

BDS does not use personal data for automated decision-making or profiling.

Storage and Use of Personal Data

BDS stores and processes personal information in line with GDPR guidelines:

  • Hard copy records are kept in a locked filing cabinet in the main office and remain onsite until securely archived or destroyed.

  • Electronic data is stored on password-protected systems, with regular password updates when staff leave.

  • Temporary data storage devices, such as USBs, are password protected and securely stored.

  • Documents such as registers, medication forms, and disclosures are shredded after their retention period.

Photos and Media

Photographs, video clips, or sound recordings of students are only stored or used with prior written consent via the Release/Performance Agreement form. Images are not accompanied by names in any public display, including on the BDS website or social media.

BDS GDPR Commitments

To comply with GDPR, BDS will:

  • Manage and process personal data responsibly.

  • Protect individual privacy rights.

  • Provide access to personal data upon request.

For further information, please contact us directly.

bottom of page