top of page

Data Protection Policy

1. Introduction

The Kids Village is committed to ensuring that personal data is handled in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). We recognise the importance of protecting and respecting the privacy of our staff, children, parents, and other individuals whose personal data we collect and process.

This policy outlines how we collect, use, store, and protect personal data to ensure transparency and compliance with relevant data protection legislation.

The Kids Village Ltd a registered Data Controller with ICO (The Information Commissioner).

2. Data Protection Principles

We adhere to the following principles when processing personal data:

  • Lawfulness, Fairness, and Transparency: Personal data will be processed lawfully, fairly, and in a transparent manner.

  • Purpose Limitation: Data will be collected for specified, legitimate purposes and not further processed in a way incompatible with those purposes.

  • Data Minimisation: Personal data will be adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

  • Accuracy: Personal data will be accurate and kept up-to-date.

  • Storage Limitation: Personal data will be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which it is processed.

  • Integrity and Confidentiality: Personal data will be processed in a manner that ensures appropriate security of the data, including protection against unauthorised or unlawful processing, accidental loss, destruction, or damage.

3. Types of Personal Data We Collect

We may collect the following types of personal data:

  • Children: Name, date of birth, address, emergency contact details, health and medical information, allergies, and special needs.

  • Parents/Guardians: Name, address, contact information, emergency contact details, and any relevant legal information (e.g., custody arrangements).

  • Staff: Name, address, contact details, employment records, background checks, training, and qualifications.

  • Visitors: Name, contact details, and purpose of visit.

4. Purpose of Data Processing

We collect and process personal data for the following purposes:

  • To provide childcare and educational services.

  • To maintain accurate records for safety, health, and legal compliance.

  • To communicate with parents and guardians about their child’s welfare, progress, and attendance.

  • To manage staff recruitment, payroll, and compliance with employment regulations.

  • To ensure the safety and well-being of all children and staff within the nursery.

5. How We Collect Personal Data

We collect personal data in the following ways:

  • Directly from individuals (e.g., through forms filled out by parents or staff).

  • From other parties, such as government bodies or medical professionals (in the case of health information).

  • From electronic communications or through the nursery’s website (e.g., when parents fill out forms or make inquiries).

6. Data Retention

We will retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. Data retention periods will vary depending on the type of data:

  • Children’s data: Will be kept for the duration of the child’s enrollment and for a period after they leave, as required by law (e.g., for safeguarding or educational purposes).

  • Staff data: Will be retained in accordance with employment laws and for the necessary duration after employment ends.

7. Data Security

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, alteration, or destruction. These include:

  • Secure storage of paper and electronic records.

  • Limited access to personal data based on role and necessity.

  • Regular staff training on data protection practices.

  • Use of encryption and firewalls for electronic data.

8. Data Sharing and Disclosure

We do not share personal data with third parties, except when:

  • We are required to do so by law (e.g., with governmental agencies or law enforcement).

  • We need to share information with third parties who provide services to the nursery (e.g., healthcare providers), in which case we ensure these third parties comply with our data protection standards.

  • We have obtained explicit consent from the individual concerned (e.g., for media or external activities).

9. Rights of Data Subjects

Individuals whose personal data we process have the following rights:

  • Right to Access: The right to request a copy of the personal data we hold about them.

  • Right to Rectification: The right to request that we correct any inaccurate or incomplete data.

  • Right to Erasure: The right to request the deletion of personal data in certain circumstances.

  • Right to Restriction of Processing: The right to request that we limit the processing of personal data in certain situations.

  • Right to Object: The right to object to processing based on legitimate interests or direct marketing.

  • Right to Data Portability: The right to request a copy of personal data in a structured, commonly used format.

To exercise any of these rights, individuals should contact The Kids Village at help@thekidsvillage.co.uk

10. Data Breach Notification

In the event of a data breach that could compromise personal data, we will:

  • Notify affected individuals as soon as possible, especially if the breach is likely to result in a high risk to their rights and freedoms.

  • Report the breach to the relevant supervisory authority within 72 hours, if required by law.

11. Contact Information

For any questions or concerns regarding this Data Protection Policy, or to exercise your rights, please contact:

help@thekidsvillage.co.uk

12. Review and Updates

This Data Protection Policy will be reviewed regularly to ensure compliance with applicable data protection laws. Any updates will be communicated to relevant parties.

bottom of page