DATA PRIVACY STATEMENT AND POLICY DOCUMENT

Kilkenny Academy of Dance

 

SCOPE

The policy applies to all students of Kilkenny Academy of Dance(KAD) and their parents/guardians.KAD collects data in written,electronic and verbal form from Students,Parents/Guardians.The Data Controllers have a duty to protect confidential information of their Students and Parents/Guardians and must take care with respect to the proper usage,storage and transmission of this information.

POLICY STATEMENT

The Data Controllers  collect and process Personal Data to support the effective and efficient operation of the School.At all times the Data Controllers ensure Personal Data is handled in compliance with General Data Protection Regulation (Regulation 2016/679) (GDPR).

Collection and Processing of Data

The Data Controllers collect Personal Data about Students,Parents/Guardians generally through the membership application form.Information is also received by E.Mail,Text or sometimes verbally.All data is held and processed through our data compliant computerised software system called Dancebiz which is hosted by Thinksmart Software Ltd.Their Data Privacy Notice is available here  https://www.thinksmartsoftware.com/en-gb/privacy-policy.html

How the Data Controllers use data

The Data Controllers will use Personal Data to identify students,allocate them to classes and for the efficient operation of the school through effective communication with Parents/Guardians and Students.This communication will relate to School Activities,Timetables,Invoicing and other School related activities.

Retention of Data

Personal Data on Students and their Parents/Guardians will be retained only as long as a Student is attending the School.When Student leaves all information related to that Student will be deleted from our computerised database within one month of being notified of Students non attendance.

Data Handling –Sharing Information with Third Parties

We will never pass information held by us to any other party (except for exam purposes where basic information will be given to Imperial Society of Teachers of Dancing-ISTD) and it will only be used for School purposes.

Maintaining Data

GDPR requires data to be maintained to be accurate and current.The Data Controllers engaged in the collection and processing  of Personal Data must verify that any Personal Data provided is accurate and up to date.Parents/Guardians and Students agree to notify the Data Controllers without delay in the event of any change to their Personal Data to enable Data Controllers to comply with their obligations to keep information up to date.

Security

The Data Controllers have put in place appropriate security measures to prevent Personal Data from being accidentally lost,used or accessed in an unauthorised way,altered or disclosed.Please note however that transmitting information over the internet can never be guaranteed to be 100% secure.

Data Breach Notification

The Data Controllers have very strict obligations in relation to notifying data regulators of actual and potential breaches to Personal Data.A breach may occur as a result of a number of different events e.g. website security breach,Personal Data emailed to the wrong individual,lost or stolen portable device.The Data Controllers will make notification of potential and confirmed breaches or loss of Personal Data where required to do so under Applicable Laws.

Data Subject rights

Access

Right of Access is provided for under a number of laws that allow individuals request a report on the data relating to them that our school holds.The Data Controllers will issue a copy of this Personal Data to you upon request.

Erasure

The right of erasure is provided for under a number of laws that allow individuals request the Data Controllers to erase Personal Data where there is no good reason for data to be held.

Correction

You also have the right to request correction of the Personal Data the Data Controllers hold about you.This enables you to have any incomplete or inaccurate information we hold about you corrected.

Explicit Consent

Where explicit consent is given for the lawful basis of processing,the member has a right to revoke this consent at any time.This will not affect the lawfulness of processing based on consent before withdrawl.

The Personal Data the Data Controllers hold and process about Students/Parents/Guardians is necessary for the operation of the School.This means that should you exercise your right to remove Personal Data it will not be possible for the student to continue to attend the School.

If you want to exercise rights,have any queries/complaints regarding Personal Data or the contents of this Privacy Statement please contact the Data Controllers by post at Kilkenny Academy of Dance, Smithsland Centre, Bohertounish Road, Loughboy, Kilkenny or by E.Mail at  info@kilkennydance.com setting out clearly in writing the Personal Data to which the request relates.

If you are dissatisfied with how your request/query/complaint was handled you may contact the Data Protection Commision,Canal House,Station Road,Portarlington R32AP23 Co Laois by post or by E.Mailing info@dataprotection.ie.

Changes

The Data Controllers may change this Privacy Statement at any time and will communicate any changes to you.Changes will be effective from the date set out in the new Privacy Statement.

Appendix 1

Data Controllers are Fionnuala Power and Gemma Grant

Personal Data – means data relating to Students/Parents/Guardians and includes but is not limited to the following

1.Full Name of Student

2.Address of Student

3.Date of Birth of Student

4.Student Attendance Record at School

5.Any Medical condition reported by Student or Parents/Guardians.

6.Name and Address of Parents/Guardians of Students.

7.E.Mail Address of Parents/Guardians of Students.

8.Mobile Phone No of Parents/Guardians of Students.

9.Invoices and Payments re School charges