INTRODUCTION

LEMON DANCE CIO  is committed to protecting you and your dependents’ personal information. We are committed to providing a safe environment for all our customers, employees, casual and freelance workers and everybody who comes into contact with us, both physically and virtually (online). This Privacy Statement relates to the use of any personal information provided to us online or via application forms, telephone, email exchange, letters or correspondence. Whenever you provide such information, we are legally obliged to use your information in line with current legislation concerning the protection of personal information, including the Data Protection Act 1998 and the General Data Protection Regulations.

DATA PROTECTION PRINCIPLES

The legislation sets out various data protection principles. These include that personal information is:

  • Used fairly and lawfully

  • Used for limited, specifically stated purposes

  • Used in a way that is adequate, relevant and not excessive

  • Accurate

  • Kept for no longer than is absolutely necessary

  • Kept safe and secure

  • Not transferred outside the European economic area without adequate protection

 

YOUR RIGHTS

The legislation conveys various individual rights. These include the following:

  • The right to be informed

  • The right of access

  • The right to rectification

  • The right to erase

  • The right to restrict processing

  • The right to data portability

  • The right to object

  • Rights in relation to automated decision making and profiling

 

WHAT INFORMATION DOES LEMON DANCE CIO HAVE ABOUT ME?

The legislation requires that there is a clear legal basis for processing personal information. In general,LEMON DANCE CIC relies on the individual’s consent in order to process their data.

When you participate in or sign up to any of LEMON DANCE CIO classes, activities or workshops, we may collect and store personal information about you. This can consist of information such as your name, email address, postal address, telephone or mobile number and date of birth, depending on how you are engaging with us. By submitting your details, you enable us to provide you with the products or services that you have selected.

When taking pictures of participants in class or filming performances, LEMON DANCE CI0 will ask for individual permissions. LEMON DANCE CIC may use the images resulting from the photography/video filming, and any reproductions or adaptations of the images for fundraising, publicity or other purposes to help achieve the group’s aims. This might include (but is not limited to), the right to use them in their printed and online publicity, social media, press releases and funding applications.

LEMON DANCE CIO does NOT share your personal information with third parties, unless clearly stated. We do NOT sell your data, and neither do we buy data from third parties.

WHAT ARE COOKIES AND HOW DO YOU USE THEM?

Cookies are text files that websites place on your own computer to store information specific to you.

We will use your personal information for a number of purposes including:

  • To provide you with information about our products, services and activities and to deal with your requests and enquiries, including complaints

  • For "service administration purposes", which means that we may contact you for reasons related to the service or activity you signed up for (e.g., change of details regarding a class you attend, etc.)

  • To contact you about an application you have made

  • To process your application for employment and where applicable your employment once appointed

As and when we need to use your personal information for reasons other than the ones specified above, we will ensure that we notify you first. You will be given the opportunity to withhold or withdraw your consent for the use of your personal information for purposes other than those listed above.

HOW WILL YOU USE MY PERSONAL INFORMATION?

USE OF DATA PROCESSORS

Data processors are third parties who provide services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. The following is a list of our main data processors.

POSTING

When sending letters, parcels, publications and purchases we will share your postal address with the delivery service (Normally Royal Mail or Parcel Force).

WEBSITE HOSTING

We use a third party service, WIX to host our website. Facebook are contractually obliged to treat any information on our private website as confidential and only use such information for the purpose of providing LEMON DANCE CIO with web hosting.

Registers, Invoicing and Database

We use a third-party service, Microsoft software to store your information and use it for administrative purposes such as timetables, registers, emailing and invoicing customers. With Password access.

HOW LONG WILL WE KEEP PERSONAL INFORMATION?

We use secure technologies to help protect your personal information from unauthorised access, use or disclosure. We store personal information you provide on computer systems which have carefully controlled access and which are located in secure facilities.

The security measures described above ensure that all reasonable steps are taken to protect your personal information. However, the nature of the Internet means that an absolute guarantee of security cannot be offered, and, as with all Internet transactions, you should be aware that there may be a small security risk when disclosing information online.

WHERE IS THE INFORMATION STORED?

You have the right to access certain personal information held about you. If you wish to make a Data Subject Access Request, please contact Director of LEMON DANCE CIO.

CAN I FIND OUT WHAT PERSONAL INFORMATION LEMONMEN Dance Company HOLDS ABOUT ME?

We may disclose your information to governmental agencies or entities, regulatory authorities, or other persons in line with any applicable law, regulations, court order or official request.

LEGAL OBLIGATION

 

LEMON DANCE CIO

GDPR POLICY

GDPR stands for General Data Protection Regulation and replaces the previous Data Protection Directives that were in place. It was approved by the EU Parliament in 2016 and comes into effect on 25th May 2018. GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that individuals data is not processed without their knowledge and are only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals.

LEMON DANCE CIO is committed to protecting the rights and freedoms of individuals with respect to the processing of children's, parents, visitors and staff personal data.

The Data Protection Act gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.

GENERAL DATA PROTECTION REGULATION POLICY STATEMENT

1) THE RIGHT TO BE INFORMED

LEMON DANCE CIO is required to collect and manage certain data. We need to know participants names, addresses, telephone numbers, email addresses, date of birth along with any SEN or medical requirements.

We are required to collect certain details of visitors and chaperones to our sessions. We need to know visitors and chaperones names, telephone numbers, and where appropriate company name. This is in respect of our Health and Safety and Safeguarding Policies.

Although our teachers are freelance, LEMON DANCE CIO is required to hold data on its Teachers; names, addresses, email addresses, telephone numbers, date of birth, National Insurance numbers and in some cases, photographic ID such as passport and driver’s license, bank details. This information is also required for Disclosure and Barring Service checks (DBS) and proof of eligibility to work in the UK. This information is sent via a secure file transfer system to DDC for the processing of DBS checks. DBS Numbers and date of issue are also held on a central staffing record. Copies of teachers DBS are shared with the respective schools in which the teachers work in for Safeguarding purposes.

LEMON DANCE CIO does not use Cookies on its website nor do we collect data for Google Analytics.

2) THE RIGHT OF ACCESS

At any point an individual can make a request relating to their data and LEMON DANCE CIO will need to provide a response (within 1 month). LEMON DANCE CIO can refuse a request, if we have a lawful obligation to retain data but we will inform the individual of the reasons for the rejection. The individual will have the right to complain to the ICO if they are not happy with the decision.

3) THE RIGHT TO ERASURE

You have the right to request the deletion of your data where there is no compelling reason for its continued use. However LEMONMEN Dance Company has a legal duty to keep children’s and parents details for a reasonable time, LEMON DANCE CIO retain these records for 3 years after leaving the dance school, children's accident and injury records for 19 years (or until the child reaches 21 years), and 22 years (or until the child reaches 24 years) for Child Protection records.

Teachers records must be kept for 6 years after the member of leaves, before they can be erased.

This data is archived securely onsite and shredded after the legal retention period.

4) THE RIGHT TO RESTRICT PROCESSING

Parents, visitors and staff can object to LEMON DANCE CIO processing their data. This means that records can be stored but must not be used in any way, for example reports or for communications.

5) THE RIGHT TO DATA PORTABILITY

LEMONMEN Dance Company requires data to be transferred from one IT system to another; such as from LEMON DANCE CIO to the Local Authority, for performance licences. These recipients use secure file transfer systems and have their own policies and procedures in place in relation to GDPR.

6) THE RIGHT TO OBJECT

Parents, visitors and staff can object to their data being used for certain activities like marketing or research.

7) THE RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING INCLUDING PROFILING

Automated decisions and profiling are used for marketing-based organisations. LEMON DANCE CIO does not use personal data for such purposes.

GDPR INCLUDES 7 RIGHTS FOR INDIVIDUALS

All paper copies of children's and staff records are kept in a locked filing cabinet at 2 HALL CARR LANE, PRESTON. Members of staff can have access to these files but information taken from the files about individual children is confidential and apart from archiving, these records remain on site at all times. These records are shredded after the retention period.

Information about individual children is used in certain documents, such as, a weekly register, medication forms, referrals to external agencies and disclosure forms. These documents include data such as children's names, date of birth, contact numbers and sometimes address. These records are shredded after the relevant retention period.

LEMON DANCE CIO collects a large amount of personal data every year including; names and addresses of those on the waiting list. These records are shredded if the child does not attend or added to the child’s file and stored appropriately.

LEMON DANCE CIO stores personal data held visually in photographs or video clips or as sound recordings, and digital-written consent has been obtained via the photo and video consent form/permission to Perform agreement form. No names are stored with images in photo albums, displays, on the website or on LEMON DANCE CIO's social media sites.

Access to all LEMON DANCE CIO computers and the database for registers is password protected. When a teacher leaves the company, these passwords are changed in line with this policy and our Safeguarding policy. Any portable data storage used to store personal data, e.g. USB memory stick, are password protected and/or stored in a locked filing cabinet.

STORAGE AND USE OF PERSONAL INFORMATION

  • Manage and process personal data properly

  • Protect the individual’s rights to privacy

  • Provide an individual with access to all personal information held on them

This Policy was appointed on 01/09/19 BY,

David A Darcy, Director LEMON DANCE CIO

IF YOU HAVE ANY QUESTIONS OR COMMENTS ABOUT THIS PRIVACY STATEMENT OR GDPR POLICY PLEASE EMAIL AT

LEMONMEN.CO@GMAIL.COM