Luminous Dance Academy
GDPR policy
In accordance with the GDPR Statement -
GDPR stands for General Data Protection Regulation and replaces the previous Data Protection. It was approved by the EU Parliament in 2016 and comes into effect on 25th May 2018. GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that individuals’ data is not processed without their knowledge and are only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals. Luminous Dance Academy is committed to protecting the rights and freedoms of individuals with respect to the processing of children’s, parents, visitors and staff personal data. The Data Protection Act gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.
What we do at Luminous Dance Academy:
We do not disclose (other than to Official Examination bodies) or sell personal data to third parties.
We do not disclose personal data to other members of the School and their families.
The School uses contact numbers and emails for communication with, and updates, to parents, whole school and individual communication, invoices and general information.
Emergency Parent contact numbers are given to Luminous Dance Academy for the use of emergency contact & for contact in respect of Dance School business only.
Personal data is stored in a locked password protected computer database.
Hard copy information is destroyed via a shredding device when the students leaves the dance school.
Information about individual children is used in certain documents, such as, a weekly register, medical information and examination documentation. These documents include data such as children’s names, date of birth and emergency contact numbers.
Luminous Dance Academy stores personal data held visually in photographs or video clips. No names are stored with images in photo albums, displays, on the website or on Luminous Dance Academy social media sites without express permission.
Access to the School Email account, Website, Personal Data, Social Media Accounts and Examination Details is password protected and is not available to members of the Public, members of the School and or its staff. The Principal (Hayley Bromhead) has sole access to all this data.
Due to Covid-19, contact details including name, email, contact number and address will be used and shared for Track and Trace purposes as and when needed. This information will only be shared with Track and Trace and only when necessary.
GDPR includes 7 rights for individuals:
1) The right to be informed
Luminous Dance Academy is registered with the International Dance Teachers Association (IDTA) and as such, is required to collect and manage certain data. The School collects parent’s and or guardian’s names, addresses, emergency telephone numbers, medical information and email addresses.
As an Employer of Self Employed practitioners, Luminous Dance Academy is required to hold data on its Teachers such as names, addresses, email addresses, telephone numbers and bank details. Information such as Disclosure and Barring Service checks (DBS), personal Public Liability insurance, examination board Membership details.
2) The right of access
At any point an individual can make a request relating to their data and Luminous Dance Academy will need to provide a response (within 1 month). Luminous Dance Academy can refuse a request if we have a lawful obligation to retain data but we will inform the individual of the reasons for the rejection.
3) The right to erasure
You have the right to request the deletion of your data where there is no compelling reason for its continued use. However, Luminous Dance Academy has a legal duty to keep student and parents’ details for a reasonable time*. Luminous Dance Academy retain any records relating to student’s accident and injury records for 19 years (or until the child reaches 21 years), and 22 years (or until the child reaches 24 years) for Child Protection records. Self Employed Teaching records will be erased when the member of staff leaves their position. All hard copy information is destroyed via a shredding device.
* Luminous Dance Academy holds personal data while the student is registered at the School. Once the student leaves data will be erased.
4) The right to restrict processing
Parents, visitors and staff can object to Luminous Dance Academy processing their data. This means that records can be stored but must not be used in any way, for example School Communications, General Emails about School news and updates. In this situation, The School has no obligation to refund any classes missed or cancelled due to ‘lack of communication’. It will be the parent’s responsibility to ensure they are informed about any event’s happening at the School.
5) The right to data portability
Luminous Dance Academy requires data, for example registration forms to be transferred from student, to teacher, to School Principal. The School is also required to provide data such as student DOB and exam pin number’s to be able to enter students in IDTA Exams. In this case recipients use secure file transfer systems and have their own policies and procedures in place in relation to GDPR.
6) The right to object
Parents, visitors and staff can object to their data being used for certain activities like marketing or research.
7) The right not to be subject to automated decision-making including profiling.
Automated decisions and profiling are used for marketing-based organisations. Luminous Dance Academy does not use personal data for such purposes.
This Policy was issued by Luminous Dance Academy June 2018.
Policy updated: September 2020
Policy review – September 2021