The General Date Protection Regulation (GDPR), which came into effect on May 25th, 2018, creates a consistent set of data protection rules across Europe. It applies to all companies that process personal data about individuals in the EU, regardless of where the company is based.
DATA PROTECTION PRINCIPLES:
The GDPR states that any personal information we hold about you must be:
Used lawfully, fairly and in a transparent way.
Collected only for valid purposes that we have explained to you, and is not used in any way that is incompatible with those purposes.
Relevant to the purposes we have notified you about.
Accurate and kept up-to-date.
Kept only as long as necessary for the purposes that we have notified you about.
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
TYPES OF INFORMATION WE HOLD ABOUT YOU:
Full Name (Parent / Guardian / Carer / Third Party Enquirer)
Telephone / Mobile Number
Payment Information / Data
Child / Student's Name
Child / Student's Age
Child / Student's Date of Birth
Child / Student's School
Child / Student's Academic Year
Child / Student's Allergies & Medical Conditions
Child / Student's Previous Coding Experience
Methods of Transport to DiscoG Coding Academy
Times / Dates of Your Visits to DiscoG Coding Academy
Incidents Involving Children / Students
HOW YOUR INFORMATION IS COLLECTED:
The information listed above has been provided to us by you in one of the following ways:
Enquiries on our online forms
Enquiries via phone call / text messages / WhatsApp messages
Onsite enquiries, letters, business cards
Student Registration Forms (filled out, signed and dated by the parent / guardian / carer on the date of the student's first class).
Where there are two or more parents / guardians, this data protection statement applies to each person individually.
HOW YOUR INFORMATION IS USED:
Due to Ofsted Regulations, we are required to collect certain information (as outlined above) about our students and their parents / guardians. This information is collected through the process of a Student Registration Form which each parent / guardian is required to fill out, sign and date prior to or on the date that the student joins DiscoG Coding Academy. Your personal information, and the personal information of all of our students is held with the upmost respect and security. Asides from holding your information in regards to Ofsted Regulations, a lot of the information provided is used in the day-to-day running of our Academy, i.e. to:
Provide you with important information regarding term-time classes, holiday bootcamps, intensive courses and summer school schedules that are relevant to each student.
Allocate students to a class or to arrange 'catch-up classes'.
Respond to your e-mails, messages and enquiries.
Organise payment schedules.
Facilitate the use of Childcare Vouchers.
Ensure the safeguarding of all children at our Academy.
HOW & WHERE YOUR DATA IS STORED:
All data and records are stored securely to avoid misuse or loss. The details provided to us on the Student Registration Forms are stored as hard copies within a secure folder and within our online systems. Folders are kept in a lockable cabinet at all times. Online systems are protected with secure passwords and are only accessed by permitted staff members.
HOW LONG YOUR INFORMATION IS KEPT FOR & WHY:
Under the regulations provided by Ofsted, we are required to hold your information for a minimum of 3 years after leaving DiscoG Coding Academy.
RIGHTS OF ACCESS, CORRECTION, ERASURE & RESTRICTION OF PERSONAL INFORMATION:
Your Duty To Inform Us Of Changes:
It is important that the personal information that we hold about you is accurate and up-to-date. Please keep us informed if your personal information changes whilst you or your child is still a member of DiscoG Coding Academy.
Under certain circumstances, by law, you have the right to the following:
Request Access - You have a legal right to ask for a copy of any of your personal data held by us. Please contact us via email at: if you would like to see the personal information that we hold about you. *
Request Correction - This enables you to have any incomplete or inaccurate information corrected or updated. **
Request Erasure - This enables you to ask us to delete or remove your personal information for which there is no further need to continue to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object processing. **
Request The Restriction Of Processing - This enables you to ask us to suspend the processing of personal information about you.
Request To Transfer - You can ask us to transfer your personal information to another party.
* In the interest of ensuring that we have provided the correct information, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information at your request.
** In compliance with Ofsted regulations, it is essential that all of the information provided to us on the Student Registration Forms by parents / guardians / carers is accurate and up-to-date. In the event of significant changes (for example, a change of home address, contact information etc...) it is the responsibility of the parent / guardian / carer to provide the correct information to ensure that our records are up to date. In the case of a requested erasure of personal details, we may be required to hold your information for a specified length of time to comply with Ofsted regulations.
CHANGE OF PURPOSE:
We will only use your personal information for the purposes for which we have highlighted within this document, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so. We may process your personal information without your knowledge or consent where this required or permitted by law.
YOUR RIGHTS UNDER GDPR:
In accordance with the GDPR, we will only process your personal data if at least one of the following circumstances applies:
You have given consent to the processing of your personal data for one or more specific purposes.
Processing is necessary for compliance with a legal obligation to which we are subject.
Processing is necessary to protect your vital interests.
Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Under the GDPR, you have:
The right to request access to, deletion of or correction of your personal data held by DiscoG Coding Academy.
The right to complain to a supervisory authority.
The right to be informed of what data processing is taking place.
The right to restrict processing.
The right to data portability.
The right to object to the processing of your personal data.
DATA SHARING WITH THIRD PARTIES:
We may have to share your data with third parties, including third-party service providers and other entities. In these events, we require third parties to respect the security of your data and to treat it in accordance with the law. We may transfer your personal information outside of the EU. If this is the case, you can expect a similar degree of protection in respect to your personal information.
Which third party providers process my personal information?
Third parties include service providers and other entities. The following activities may be carried out by third party services and providers:
Processing Childcare Vouchers
Processing Tax Credits
Payments Via Credit Card Readers & Online Banking Payments
How secure is my information with these third party services and providers?
All of our third party service providers are required to take appropriate security measures to protect your personal information in line with the GDPR. We do not anticipate our third party service providers to use your personal data for their own purposes. They will only process your personal information for specific purposes.
In the interest of safeguarding children, there may be circumstances in which we are legally required to share information with other professionals or services for further help. This is to ensure the safeguarding and wellbeing of all children under our care and children affiliated with DiscoG Coding Academy. In compliance with Ofsted, we are required to keep a written record of any safeguarding concerns for a period of three years. This record may include details such as the date of a complaint or disclosure, information from the Designated Safeguarding Officer, a report of the alleged incident, actions taken by staff in response to the complaint or disclosure and any outcomes / responses.
We are required to produce for Ofsted, on request, a full list of such complaints and disclosures made within a 3 year period. We may also be required to make available to Ofsted, on request, a summary of complaints and disclosures made in relation to Ofsted's requirements during the past 12 months and the action that was taken as a consequence.
DiscoG Coding Academy does not knowingly solicit data from or market to children under the age of 13. If a parent / guardian / carer becomes aware of this or their child has provided us with information without the parent / guardian consent, we will remove their information from our system as soon as we can.
We may disclose the user provided and automatically collected information:
As required by law.
When we believe, in good faith, that disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government request.
If DiscoG Coding Academy is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and a notice on our site of any change in ownership or uses of this information, as well as any choices you may have regarding this information.
Your right to withdraw consent:
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time (see above).
Data Protection Officer:
You have the right to make a complaint to or express your concerns at any time to the Data Protection Officer (Gerard Papet).
Changes to this privacy notice:
We hope you all stay safe during these uncertain times!