Privacy Notice and GDPR
Privacy Notice and GDPR2019-01-31T11:44:07+00:00

Sticky Fingers and OASTies

(How we use children’s information)

Sticky Fingers and OASTies  processes personal information about its children and is a ‘data controller’ for the purposes of Data Protection legislation. We collect information from you and may receive information about your child from their previous setting.

Sticky Fingers and OASTies Data Protection Officer is  Sophie Hanson.

The categories of child level information that we collect, hold and share include:

  • Personal information (such as name, address and date of birth)
  • Characteristics (such as ethnicity, language, nationality, country of birth)
  • Attendance information (such as sessions attended, number of absences and absence reasons)
  • Assessment information using the online assessment tool Tapestry
  • Relevant medical information
  • Special educational needs and details of relevant professionals
  • Integrated progress review

Why we collect and use this information:

We use the children’s data:

  • to support children’s learning
  • to monitor and report on children’s progress
  • to provide appropriate pastoral care
  • to assess the quality of our services
  • to comply with the law regarding data sharing

The lawful basis on which we use this information:

We are required by law to provide information about our pupils to the DfE as part of statutory data collections such as the early years census.  Some of this information is then stored in the NPD (National Pupil Database).  The law that allows this is the Education (Information About Individual Pupils) (England) Regulations 2013.

Collecting children’s information:

Whilst the majority of child level information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain child level information to us or if you have a choice in this.

Storing pupil data:

We hold children’s data for a maximum of five years from the date they start at the setting.

Who we share children’s information with:

We routinely share children’s information with:

  • Settings/schools that the children attend after leaving us
  • Our local authority (East Sussex County Council)
  • The Department for Education (DfE)
  • Health Visitors and other health professionals as appropriate

Why we share children’s information:

We do not share information about our children without consent unless the law and our policies allow us to do so.

We share childrens’ data with the Department for Education (DfE) on a statutory basis. This data sharing underpins the settings funding and educational attainment policy and monitoring.

Data collection requirements:

To find out more about the data collection requirements placed on us by the Department for Education (for example; via the early years census) goes to https://www.gov.uk/education/data-collection-and-censuses-for-schools

The National Pupil Database (NPD)

The NPD is owned and managed by the Department for Education and contains information about pupils in schools in England. It provides invaluable evidence on educational performance to inform independent research, as well as studies commissioned by the Department. It is held in electronic format for statistical purposes. This information is securely collected from a range of sources including schools, local authorities and awarding bodies.

We are required by law, to provide information about our children to the DfE as part of statutory data collections such as the school census and early years’ census. Some of this information is then stored in the NPD. The law that allows this is the Education (Information about Individual Pupils) (England) Regulations 2013.

To find out more about the NPD, go to https://www.gov.uk/government/publications/national-pupil-database-user-guide-and-supporting-information.

The department may share information about our children from the NPD with third parties who promote the education or well-being of children in England by:

  • conducting research or analysis
  • producing statistics
  • providing information, advice or guidance

The Department has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether DfE releases data to third parties are subject to a strict approval process and based on a detailed assessment of:

  • who is requesting the data?
  • the purpose for which it is required
  • the level and sensitivity of data requested: and
  • the arrangements in place to store and handle the data

To be granted access to pupil information, organisations must comply with strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data.

For more information about the department’s data sharing process, please visit: https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

For information about which organisations the department has provided pupil information, (and for which project), please visit the following website: https://www.gov.uk/government/publications/national-pupil-database-requests-received

To contact DfE: https://www.gov.uk/contact-dfe

Requesting access to your personal data

Under data protection legislation, parents and children have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Amanda Dann    ADann@uplandscc.com   (01892) 786585/6

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/

Data Protection Officer

Sophie Hanson    s.hanson@uplandscc.com   (01892) 782135

May 2018

 

 

Who we are

Our website address is: https://stickyfingersandoasties.co.uk.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact forms

Cookies

If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.