PRIVACY AND COOKIE POLICIES
General Data Protection Regulation (May 2018)
Privacy Notice - How we use children’s information
The Data Protection Officer/Lead with responsibility for monitoring this privacy notice is Sue Butler. In the absence of Sue Butler responsibility for monitoring this privacy statement is with the Nursery Manager.
Why do we collect and use children’s information?
Plus Three Nurseries Ltd will record, process and keep personal information on you and your child in accordance with the General Data Protection Regulations 2018.
We use this data to:
• Support children’s learning
• Make assessments on children’s development
• Safeguard the children in our care in accordance with relevant legislation
• Comply with Government legislation
• Assess the quality of our services
• Contact you regarding your child.
Plus Three Nurseries Ltd collect, hold and share two kinds of records on children attending our setting.
• Developmental information collected prior to the child starting at the setting
• A copy of the child’s Two Year Old Progress Check
• Observations of children in the setting, photographs, video clips, samples of work and developmental assessment records.
• A summary of the child’s EYFS profile report.
• Personal details – including the information provided on the child’s registration form and any consent forms and characteristics such as ethnicity, language and nationality.
• Contractual matters – including the child’s days and times of attendance, a record of the child’s fees and/or funding entitlement, any records of fee reminders and/or disputes
• Emergency contact details – including those people, other than parents/guardians with authorisation to collect the child from the setting.
• Children’s health and well-being – including discussions about every day matters regarding the health and well-being of the child with the parent/guardian, records of accidents and medication records.
• Safeguarding and child protection concerns – including records of all welfare and protection concerns and our resulting actions, meetings and telephone conversations about the child and any information regarding a Looked After Child.
• Early support and SEN – including any focussed intervention provided by our
setting, a record of the child’s IEP and, where relevant, their Statement of Special Education Need.
• Correspondence and reports – including letters and emails to and from other agencies and any confidential reports relating to specific children.
Whilst the majority of information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain information to us or if you have a choice in this.
The Early Years Foundation Stage (Welfare Requirements) Regulations 2012 place a legal obligation upon us to collect and process much of the information detailed above.
Therefore we do not require your consent to collect this information as we have a fair and lawful reason for doing so.
All forms collecting data will clearly state our lawful basis for processing the information you supply and where the request is voluntary or consent is required this will be clearly stated.
Storing children’s data
We ensure that access to children’s files is restricted to those authorised to see them such as the Nursery Manager, Deputy Manager, Designated person for child protection, the child’s key person or the setting SENCO. These confidential records are stored in a locked cupboard within nursery and/or in a locked office at our registered Head Office:
Plus Three Nurseries Ltd, 21C Balliol Way, Owlsmoor, Sandhurst, GU47 0QN.
We retain children’s records for two years after they have left the setting, except records that relate to an accident or child protection matter. These are kept until the child reaches the age of 21 years or 24 years respectively.
The information that you provide to us, whether mandatory or voluntary, will be regarded as confidential. We do not share information about your child with anyone without consent unless the law and our policies allow us to do so.
We routinely share information without consent with:
• schools that children attend after leaving us
• our local authority for the purposes of the Early Education Entitlement for 2, 3 and 4 year olds and the Early Years Census
• the Department for Education (DfE) as part of statutory data collections.
We are obliged to share confidential information without authorisation from the person who provided it, or to whom it relates, when:
• There is evidence that the child is suffering, or is at risk of suffering significant harm.
• There is reasonable cause to believe that a child may be suffering, or is at risk of suffering, significant harm
• It is to prevent significant harm arising to children, young people or adults, including the prevention, detection and prosecution of serious crime.
Further information regarding information sharing and confidentiality can be found in our policies.
Requesting access to your personal data
Under data protection legislation, parents/guardians, children and young people have the right to request access to information about them that we hold. Where a child is too young to give ‘informed consent’ the parent is the ‘subject’ of the file and has a right to see the information held.
Children’s developmental records are shared regularly with parents/guardians and formal requests to access these is not required.
To make a request for your personal information contact Sue Butler - Data Protection Officer following the procedure detailed in our access to records policy.
You also have the right to:
• object to processing of personal data that is likely to cause, or is causing, damage or distress
• withdraw consent where given
• prevent processing for the purpose of direct marketing
• object to decisions being taken by automated means
• in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
• claim compensation for damages caused by a breach of the Data Protection regulations
If you would like to discuss anything in this privacy notice, please contact Sue Butler
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at
What are cookies in computers?
Also known as browser cookies or tracking cookies, cookies are small, often encrypted text files, located in browser directories. They are used by web developers to help users navigate their websites efficiently and perform certain functions. Due to their core role of enhancing/enabling usability or site processes, disabling cookies may prevent users from using certain websites.
Standard uses for browser cookies
Cookies are NOT viruses. Cookies use a plain text format. They are not compiled pieces of code so they cannot be executed nor are they self-executing. Accordingly, they cannot make copies of themselves and spread to other networks to execute and replicate again. Since they cannot perform these functions, they fall outside the standard virus definition.
Cookies are created when a user's browser loads a website. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website's server.