Little Me Day Nurseries Ltd

gdpr notice

Little Me Day Nurseries Ltd (the Company) is registered with the Information Commissioner’s Office (ICO) as a data controller and is committed to protecting your personal data and working in accordance with all relevant data protection legislation.

What is the GDPR Notice for?
This GDPR Notice is intended to provide information about how the Company will use (or “process”) personal data about individuals including: its current, past and prospective children and their parents, carers or guardians. This information is provided because Data Protection Law gives individuals rights to understand how their data is used. Staff and parents are encouraged to read this Privacy Notice.

Responsibility for Data Protection
The Company Director has overall responsibility for ensuring that the Nurseries comply with all relevant Data Protection obligations, including the collection of data, the storing of data and how this data is used.

Sarah Kingston is our Data Protection Officer and has responsibility for dealing with any data information requests, data breaches and ensuring our staff are trained to be fully compliant. (To make an information request please email: sarah@littlemedaynurseries.co.uk).

Why do we need to process personal data?
In order to conduct its ordinary duties to children and parents, the Nurseries need to process a wide range of personal data about, prospective, past and current children and parents/carers and emergency contacts as part of its daily operation. Some of this information is required to fulfil legal rights, duties or obligations, including those under a contract with parents of its children.

The Nurseries collect personal information including, but not limited to the following:

  • To have information on the child to allow us to care for them safely and effectively
  • To allow us to enhance the education of the child and monitor their progress
  • To hold details of parents and emergency contacts to contact if required
  • To claim the Early Years Education funding from the Local Authorities
  • To share with Ofsted and Local Authorities so they are able to monitor the nurseries care, education and safeguarding
  • To use photographs and names of children around the nurseries to evidence learning and activities happening in the nursery
  • To use photos on our website and social media or marketing purposes (separate consent is obtained for this)
  • To hold information regarding SEN children to allow us to provide for any additional needs
  • In the absence of a parent/carer in an event of a medical emergency
  • Food and Dietary provision
  • Day to day operational requirements within the Nurseries

Types of Personal Data Processed by the Nurseries

This will include by way of example:

  • Names, addresses, telephone numbers, email address and other contact details for child, parent/carer and emergency contacts
  • Children’s medical and dietary information
  • Parents details who pay by childcare vouchers and the tax free childcare payment system
  • Children’s learning journals and tracking information
  • Parents details to claim the Early Years Education Grant
  • Children’s attendance records
  • Photos of children
  • Children’s names used throughout the nursery on pegs, display boards
  • Details of any accidents a child has had whilst in nursery care, or accidents they have had outside of nursery that could impact their child whilst at nursery
  • Details of your child’s day at nursery such as sleep time, nappy changes etc.
  • Emailing of invoices and correspondence
  • Texting of messages via our text messaging service

How the data is collected

In most instances the child’s data is initially provided by the parent/carer when they register their child at one of our settings.  Further information is then obtained before the child starts with us when a parent will be asked to complete a Care Plan.

Parents are asked to provide us with any updates to this data on a regular basis and to validate the information we hold on them and their child at least annually.

In some cases, personal data may be supplied by third parties (for example another nursery school, or other professionals or authorities working with that child or family)

Who has access to the data and who do we share it with

Staff within the nursery who are providing care for your child will have access to the information provided by parents/carers concerning their child.

Occasionally, the Nurseries will need to share personal information relating to its children with:

  • Schools
  • Other nursery settings
  • Local Authorities
  • Medical professionals
  • Ofsted
  • Hospitals and Doctors surgeries
  • Legal/Courts & Bailiffs

Some of the Nurseries activities are conducted on its behalf by third parties, such as IT systems. This is always subject to contractual assurances that personal data will be kept securely and only in accordance with the Nurseries specific directions.

How long we keep personal data

The Nurseries will retain personal data securely and only in line with how long it is necessary to keep for a legitimate and lawful reason.

  • Accident and Incident Forms – 22 years
  • RIDDOR forms – 22 years
  • Early Years Education Forms – 7 years
  • Complaints Records – 3 years
  • Children’s registration forms and care plan information – 2 years from leave date
  • Medicine forms – 2 years from leave date
  • Allergy forms – 2 years from leave date
  • Children’s registers – 2 years
  • Nappy charts – 1 year
  • Sleep charts – 1 month
  • Sun Cream consent forms – 1 month
  • New parent enquiry information – 1 year

If you have any specific queries about our data retention, or wish to request that personal data that you no longer believe to be relevant is considered for erasure, please contact the Data Protection Officer. Please bear in mind that the Nurseries will often have lawful and necessary reasons to hold on to some personal data even following such request.

Rights of Access

Individuals have various rights under Data Protection Law to access and understand personal data about them and their child held by the Company, and in some cases ask for it to be erased or amended or have it transferred to others.

Any individual wishing to access or amend their or their child’s personal data, or wishing it to be transferred to another person or organisation, or who has some other objection to how their personal data is used, should put their request in writing to the Data Protection Officer.

The Data Protection Officer will endeavour to respond to any such written requests as soon as is reasonably practicable and in any event within statutory time-limits (which is one month in the case of requests for access to information).

You should be aware that the right of access is limited to your own personal data, and certain data is exempt from the right of access. This may include information which identifies other individuals, or information which is subject to legal privilege.

Our Terms and Conditions and Privacy Notice together with our Policies and Procedures document represent the entire agreement and understanding between the parents and the nursery.  Any other understandings, agreements, warranties, conditions, terms or representations, whether verbal or written expressed or implied are excluded to the fullest extent, permitted by law.  We reserve the right to update this Notice at anytime.