Here at Dizzy Ducklings we take your privacy and online safety seriously and we are continually updating our records to ensure we are that we are fully meeting the new data protection standards (General Data Protection Regulation (GDPR)).

This data protection notice explains how personal data that is collected, is processed, stored and managed across our Dizzy Duckling settings and is fully compliant with the requirement of the General Data Protection Regulation (GDPR) and the law.  

This notice applies to all Dizzy Ducklings settings and other services operated by ourselves.

It protects the rights and privacy of any individual it holds data on, including:

Staff, Volunteers, Contractors, Suppliers and anyone else working on behalf of Dizzy Ducklings.

This policy applies to all data that the company holds relating to identifiable individuals.

This can include (but is not limited to):

Names, Addresses, Phone Numbers, Dates Of Birth, Medical Records, Accident & Incident Reports.

WHY WE COLLECT AND USE INFORMATION

We use the children’s and parents’ data to: support development and learning, to enable suitable activities to be planned to help extend 

knowledge & skills and to ensure that all children are safe within our childcare settings.

Monitor and report progress through Tapestry to meet the requirements of the early years foundation stage (EYFS)

Make claims to the local authority for Free Entitlement funding.

1. Collecting children’s information

Dizzy Ducklings collects most of its data directly from the yourselves. The information we collect about you and your child will all be obtained from the application form you fill out when you first enroll your child. Additional data is collected as part of the 'All About Me' paperwork, through our parent meetings and on an as an when basis as required. There maybe times when extra sensitive information maybe required, sensitive personal data is only processed when explicit consent is given or when the processing is necessary under child protection.

2. Who and why we share this data

We are legally obliged to pass some of your details on to third parties for legal reasons such as public bodies. This includes Ofsted, Local Authorities, NHS, Police and enforcing agencies. We will not give information about you or your child to anyone outside of the company without your explicit consent unless the law or our terms and conditions allow us to.

There will be times when information will need to be shared across Dizzy Ducklings settings. At this time,  any emails containing personal data should be deleted after being dealt with / saved within the appropriate secure software system. Personal data should only be shared with those who need to have it and care should be taken when sharing personal data via email that it is sent to the correct recipient.

Data should not be shared over the phone or in person unless the individual is known to you or their identity has been confirmed.

3. Storing children’s data

The data you provide to us via the website we will hold in our software systems. All your data is either kept in our software systems or in paper format. Data relating to you and your child will be kept in the pre-school within a locked unit. Personal data held within a software system will be securely protected with individual logins, which will only be given to those who need to access the data.

All data stored in paper format will be kept in a safe location where only those who are authorised to access it, can. When not in use, paper documents should be kept in a secure environment such as locked in an office. Paper or printouts containing personal information should not be left out

 and printouts where the data is no longer required should be securely disposed of in the confidential waste bin or shredded.

There maybe times when information is needed to be shared between a school that the child attends after leaving our setting, other local childcare providers where the child is engaging currently in after school care, our local authority (for funding claims and the early years census) the DfE (annual early years census) special education needs co-ordinators and NHS services (health visitors and speech and language therapists).

We will hold children’s data and learning journals on tapestry for a reasonable period of time after children have left the setting (approximately 3 months, unless there has been a serious incident/accident or legal reason) as a requirement under the EYFS. The Limitation Act 1980 recommends that we retain data until the child reaches the age of 21 — or until the child reaches the age of 24 for child protection records.

Your data will be held securely and will only be accessible by staff who are authorised to do so.

All members of staff who work for Dizzy Ducklings have a responsibility to ensure that data is collected, stored, processed and disposed of appropriately

4. Social Media

Dizzy Ducklings use Facebook as a means to communicate positive messages about the organisation. They are updated with regular posts showing activities the children and staff have been up to and showing any art creations they may have made.

All photographs of children used on our website or Facebook page require parents’ consent. Photos are not to be posted on this or any social media or internet sites without this consent. The consent should be updated at least once a year to ensure the parents are still happy for images to be used.

We are not responsible for any social media groups which are detached from Dizzy Ducklings and have been set up by parents such as forum groups.

5. Website & Contact Forms

Any personal information you may provide to us on this website via, for example, a contact form  will never be sold, rented or otherwise distributed or made public without your express consent. We would only disclose personally identifiable information to the relevant authorities if we are required to do so by law. Should you choose to contact us using the contact form on our 'Contact Us' page the data you supply will be collated into an email and sent to us. 

We do NOT store this information on our website.

In gathering and using this data Dizzy Ducklings is committed to protecting all individual’s rights of freedom and privacy.

6. Our Website Server

All traffic between this website and your web browser is encrypted and delivered over HTTPS. 

Our Website is provided and hosted by Vistaprint and their own GDPR Policy can be found here

7. Data Breaches

We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

8. Criminal Convictions and Offences

As a childcare provider, Dizzy Ducklings is required by law to review the historic criminal convictions and offences of employees. 

As required by the GDPR we have provided information on this data below.

Atlantic Data carry out the DBS check. We keep any information given, DBS number and DBS check date.

9. Changes to our Policy

This privacy policy may change from time to time inline with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.

10. GDPR Provisions

Privacy Notices

This document has provided following information:

Collecting Information

Sharing Data

Storing Data

Social Media

Website & Contact Forms

Web Server

Data Breaches

Criminal Convictions & Offenses 

Changes to Our Policy