Generation Dance

Privacy Policy

Certainly! Here's the updated Privacy Policy with the sections on changes to the policy, contact details, and the right to cancel:

GENERATION DANCE
PRIVACY POLICY
Date: 20th August 2024

INTRODUCTION

Generation Dance is committed to protecting you and your dependents’ personal information. We are committed to providing a safe environment for all our customers, employees, casual and freelance workers, and everyone who interacts with us, both physically and virtually (online). This Privacy Statement relates to the use of any personal information provided to us online or via application forms, telephone, email exchange, letters, or correspondence.

Whenever you provide such information, we are legally obliged to use your information in line with current legislation concerning the protection of personal information, including the Data Protection Act 1998 and the General Data Protection Regulations (GDPR).

DATA PROTECTION PRINCIPLES

The legislation sets out various data protection principles. These include that personal information is:

  • Used fairly and lawfully
  • Used for limited, specifically stated purposes
  • Used in a way that is adequate, relevant, and not excessive
  • Accurate
  • Kept for no longer than is absolutely necessary
  • Kept safe and secure
  • Not transferred outside the European Economic Area without adequate protection
YOUR RIGHTS

The legislation conveys various individual rights. These include the following:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erase
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision-making and profiling
WHAT INFORMATION DOES GENERATION DANCE HAVE ABOUT ME?

The legislation requires that there is a clear legal basis for processing personal information. In general, Generation Dance relies on the individual’s consent in order to process their data.

When you participate in or sign up for any Generation Dance class, activity, or workshop, we may collect and store personal information about you. This can consist of information such as your name, email address, postal address, telephone or mobile number, and date of birth, depending on how you are engaging with us. By submitting your details, you enable us to provide you with the products or services that you have selected.

When taking pictures of students in class or filming performances, Generation Dance asks for parental permission. Generation Dance may use the images resulting from the photography/video filming, and any reproductions or adaptations of the images for fundraising, publicity, or other purposes to help achieve the group’s aims. This might include (but is not limited to) the right to use them in printed and online publicity, social media, press releases, and funding applications.

Generation Dance does NOT share your personal information with third parties, unless clearly stated. We do NOT sell your data, and neither do we buy data from third parties.

We will use your personal information for a number of purposes including:

  • To provide you with information about our products, services, and activities and to deal with your requests and enquiries, including complaints
  • For "service administration purposes", which means that we may contact you for reasons related to the service or activity you signed up for (e.g., change of details regarding a class you attend, etc.)
  • To contact you about an application you have made
  • To process your application for employment and, where applicable, your employment once appointed
  • As and when we need to use your personal information for reasons other than the ones specified above, we will ensure that we notify you first. You will be given the opportunity to withhold or withdraw your consent for the use of your personal information for purposes other than those listed above.
HOW WILL YOU USE MY PERSONAL INFORMATION?

USE OF DATA PROCESSORS
Data processors are third parties who provide services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. The following is a list of our main data processors:

  • Trello: We use Trello to manage and organize our data and workflows. Trello processes personal data as outlined in their Privacy Policy.

  • MailerLite: We use MailerLite to send marketing communications and manage our email campaigns. MailerLite processes personal data as described in their Privacy Policy.

  • Zapier: We use Zapier to automate workflows between various apps and services. Zapier processes personal data as described in their Privacy Policy.

POSTING
When sending letters, parcels, publications, and purchases, we will share your postal address with the delivery service (normally Royal Mail or Parcel Force).

WEBSITE HOSTING
We use a third-party service, GoDaddy, to host our website. GoDaddy is contractually obliged to treat any information on our private website as confidential and only use such information for the purpose of providing Generation Dance with web hosting.

CRB/DBS SERVICE
A DBS checking service for Generation Dance teachers and chaperones is provided by Due Diligence Checking Ltd. Information provided by them to Generation Dance will only be shared with the individual concerned. The records are kept for 3 years and then deleted.

If you are under 18 and you provide us with information on an application form (online or printed), your parent(s)/guardian(s) permission will be required.

YOUNG USERS
We keep the information we hold about our customers and students for as long as is necessary to deliver the services we are providing you with.

HOW LONG WILL WE KEEP PERSONAL INFORMATION?

We use secure technologies to help protect your personal information from unauthorized access, use, or disclosure. We store personal information you provide on computer systems which have carefully controlled access and which are located in secure facilities.

The security measures described above ensure that all reasonable steps are taken to protect your personal information. However, the nature of the Internet means that an absolute guarantee of security cannot be offered, and, as with all Internet transactions, you should be aware that there may be a small security risk when disclosing information online.

WHERE IS THE INFORMATION STORED?

All paper copies of children's and staff records are kept in a locked filing cabinet. Members of staff can have access to these files, but information taken from the files about individual children is confidential and, apart from archiving, these records remain at the address at all times. These records are shredded after the retention period.

Information about individual children is used in certain documents, such as a weekly register, medication forms, referrals to external agencies, and disclosure forms. These documents include data such as children's names, date of birth, contact numbers, and sometimes address. These records are shredded after the relevant retention period.

Generation Dance collects a large amount of personal data every year, including names and addresses of those on the waiting list. These records are shredded if the child does not attend or added to the child’s file and stored appropriately.

Generation Dance stores personal data held visually in photographs or video clips or as sound recordings, and written consent has been obtained via tour terms and conditions form. No full names are stored with images in photo albums, displays, on the website, or on Generation Dance’s social media sites.

Any portable data storage used to store personal data, e.g., USB memory sticks, are password-protected and/or stored in a locked filing cabinet.

CAN I FIND OUT WHAT PERSONAL INFORMATION GENERATION DANCE HOLDS ABOUT ME?

You have the right to access certain personal information held about you. If you wish to make a Data Subject Access Request, please contact us.

LEGAL OBLIGATION

We may disclose your information to governmental agencies or entities, regulatory authorities, or other persons in line with any applicable law, regulations, court order, or official request.

GENERAL DATA PROTECTION REGULATION POLICY STATEMENT

GDPR stands for General Data Protection Regulation and replaces the previous Data Protection Directives that were in place. It was approved by the EU Parliament in 2016 and comes into effect on 25th May 2018.

GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit, and legitimate purposes’ and that individuals’ data is not processed without their knowledge and is only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals.

Generation Dance is committed to protecting the rights and freedoms of individuals with respect to the processing of children's, parents', visitors', and staff personal data.

The Data Protection Act gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.

GDPR INCLUDES 7 RIGHTS FOR INDIVIDUALS

  1. The Right to Be Informed: Generation Dance is required to collect and manage certain data. We need to know parent’s names, addresses, telephone numbers, email addresses. We need to know children’s full names, addresses, date of birth along with any SEN or medical requirements.

  2. The Right of Access: At any point, an individual can make a request relating to their data and Generation Dance will need to provide a response (within 1 month). Generation Dance can refuse a request if we have a lawful obligation to retain data but will inform the individual of the reasons for the rejection. The individual will have the right to complain to the ICO if they are not happy with the decision.

  3. The Right to Erasure: You have the right to request the deletion of your data where there is no compelling reason for its continued use. However, Generation Dance has a legal duty to keep children’s and parents' details for a reasonable time. Generation Dance retains these records for 3 years after leaving the dance class or activity.

  4. The Right to Restrict Processing: You can request that we limit the processing of your personal data in certain circumstances. This means that we can store your data but not use it further.

  5. The Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to have that data transferred to another data controller.

  6. The Right to Object: You can object to the processing of your personal data on certain grounds, including direct marketing or processing based on legitimate interests.

  7. Rights in Relation to Automated Decision-Making and Profiling: You have the right not to be subject to automated decisions based solely on automated processing, including profiling, which significantly affects you.

CHANGES TO THIS PRIVACY POLICY

Generation Dance may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on our website and will take effect immediately. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

YOUR OBLIGATIONS

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

CONTACT DETAILS

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us: