Premier Crèche Services Ltd. know how important your privacy is and will take great care to safeguard it. Our key principles are founded on honesty, objectivity, confidentiality and transparency.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
We are interested in hearing your views on matters that may influence the services that we offer.
For the purpose of the Data Protection Act 1998 and any legislation replacing or amending it, including the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) (Data Law) the data controller of your personal data is Premier Crèche Services Ltd.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Personal data is information that identifies you and relates to you and your children.
Information on the GDPR
The GDPR is a new regulation which replaces the Data Protection Regulation (Directive 95/46/EC). The GPDR aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally operate.
Even though the UK has expressed its intention to leave the EU in March 2019, the GDPR will be applicable in the UK from 25th May 2018. The Government intends for the GDPR to continue in UK law post Brexit and has also introduced a Data Protection Bill to replace the current Data Protection Act in due course.
Your new rights under the GDPR are set out in this policy but will only apply once the GDPR becomes law on 25th May 2018. All other rights in this policy apply now and once the GDPR comes into force.
Who we are and what we do
We provide both Crèche facilities for all 2 to 9 year old children (up to their 10th Birthday) and a Play Area where children aged 0 to 10 years old (up to their 11th Birthday) can play under the supervision of their parent or carer within the intuTrafford Centre Shopping Centre.
Information we hold about you
We collect information from you which may include your name, address, your phone number, child’s DOB, child’s doctor and any medical condition to help us care for your child.
You provide this information:
- at the time of registering to use the crèche
- at the time of registering to use the Play Area
- by asking us to update any out of date information which we may hold about you
We may also ask you for information if you report a problem.
Information we obtain from other sources
We do not obtain any information about you from any other sources.
Why we have your information and the reasons we use it
Under Data Law we must have a legitimate reason for holding and processing your personal data and these are listed in the GDPR. We only hold your personal data to comply with Ofsted’s rules who grant us a license to care for children or to enable us to contact you if a problem arises whilst using the Play Area.
When you register your child to be cared for in our Crèche you agree to Terms and Conditions of Use with us and a contract then exists between us. We process your information to fulfil this contract with you.
We also have a legal obligation as set out in the GDPR as we are required to retain your personal data to fulfil our legal obligations to comply with Ofsted regulation.
We may also ask for your consent at the relevant time to participate in specific other activities, such as a video recording or photography.
We do not use your personal information for marketing and we do not transfer your personal data to third parties for the purposes of marketing.
Our Legitimate Business Interests
Data Law allows us to process personal data for our legitimate business interests, which in our case is to fulfil the terms of our license with Ofsted and to safely operate our Play Area. We need to balance our interests against your interests, fundamental rights and freedoms to ensure your personal data is processed fairly.
Sensitive or Special Personal Data
Generally we do not collect sensitive (or special) personal data. Sensitive or special personal data includes information relating to racial or ethnic origin, physical or mental health, sex life or political opinion. We do collect personal health data on children using our Crèche services to enable us to safely care for them.
Our uses of your information
- to contact you by telephone if we need you to collect your child early;
- to speed your subsequent booking children in to stay at our Crèche
- to return any lost property that has been left with us;
- to help us improve our services, for example by acting on the information you provide us or to deal with any concerns or complaints you raise;
If you contact us, we may keep a record of that correspondence.
Disclosure of your information to third parties
Our registering computers are not connected to the internet and so your personal data held on them is not at risk from internet trolls.
As we have a legal obligation to follow our safe guarding policy we may have to keep factual records of any suspicions of abuse. We respect parents’ rights to privacy and confidentiality and will not share sensitive information unless we have permission to do so, or it is necessary to do so, in order to protect a child.
This may lead to sharing personal records with the local authority children’s social care team. We are obliged to work with such third parties to help ensure the safety and wellbeing of children in our care.
If we need to disclose information about you and/or your child to a government authority and it is considered safe to do so we will inform you that we are doing this.
We may disclose information in connection with any legal proceedings or prospective legal proceeding or if we are required to do so by the government or other law enforcement agencies or in connection with the investigation of unlawful activities.
In addition, we may disclose such information to law enforcement authorities as we reasonably feel is necessary.
Retention of your Data
We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and the contract between us on the basis that you are happy for us to do so. Accordingly, we have a data retention policy and run regular data routines to remove data that we no longer have a legitimate business interest in maintaining.
The criteria we use to determine whether we should retain your personal data includes:
the nature of the personal data;
its perceived accuracy;
our legal obligations;
We may archive part or all of your personal data, deleting all or part of it.
You can amend the details we hold about you each time you book your child into the Crèche but we reserve the right to request sight of your child’s birth certificate if they look significantly older or younger than stated to ensure that we comply with Ofsted rules.
You have the right to make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted through this link: https://ico.org.uk/concerns/
Access to information
You have the right to access the information we hold about you. Your right of access can be exercised in accordance with the Data Protection Act 1998 and the GDPR after 25th May 2018.. Requests should be sent to firstname.lastname@example.org
When the GDPR comes into force you will have the following additional rights, subject to the GDPR:
The right to have inaccurate personal data, rectified.
PCS Ltd. may, from time to time, contain links to external websites. If you follow a link to any external websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Cookies are small data files, applied by the majority of websites, which transfer text-only information to the hard drive of your computer.
PCS Ltd. Do not use or collect cookies.
Security and storage of information collected
We are committed to maintaining the security of the data we collect and take appropriate technical and organisational measures to prevent the loss, misuse or alteration of your personal information. Our employees can only access data by use of an authorised user name and password and information you provide to us is stored on computers not connected to the internet.
Codes of conduct
We are committed to meeting the requirements of the following laws and codes:
- All applicable data protection law including UK Data Protection Act 1998 and the GDPR (Reg. No. Z562232X).
Changes to our Privacy and Cookies Policy
How to contact us