Privacy Policy
Privacy Policy
iSing iDance iAct
Date Adopted: 27th Sept 2023
Last Reviewed: 16 May 2025
Next Review Due: 16 May 2026
1. Introduction
iSing iDance iAct is committed to protecting your personal data and being transparent about how we use it. This policy outlines how we collect, use, and protect the personal data of our students, parents/guardians, staff, contractors, and website users.
2. Legal Basis for Processing
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing your data are:
- Article 6(1)(a) – Your consent.
- Article 6(1)(b) – We have a contractual obligation.
- Article 6(1)(c) – We have a legal obligation.
- Article 6(1)(d) – Vital interests.
- Article 6(1)(f) – Legitimate interests.
- Article 9(2)(a) – Explicit consent for special category data (e.g. health data).
3. Your Rights Under UK GDPR
You have the right to:
- Access the personal data we hold about you.
- Request rectification if data is inaccurate or incomplete.
- Request erasure ("right to be forgotten").
- Restrict processing in certain circumstances.
- Object to processing (where we rely on legitimate interest).
- Request data portability.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with the Information Commissioner’s Office (ICO).
4. What Personal Data We Collect
Depending on your relationship with us, we may collect:
- Personal identifiers: Full name, date of birth, gender.
- Contact details: Email, postal address, phone number.
You can contact us at: [email protected]
- Health & welfare: Allergies, medical conditions, access needs.
- Educational details: Attendance, progress, achievements.
- Financial: Payment records, bank account info (where required).
- Images: Photos or videos used for promotional or educational purposes (only with explicit consent).
5. Why We Collect and Use Personal Data
We collect personal data for the following purposes:
- To manage student enrolments and class participation.
- To ensure the health, safety, and wellbeing of our students and staff.
- To communicate with parents/guardians and students.
- To administer fees and manage financial transactions.
- For safeguarding and legal compliance.
- For promotional purposes (with your consent).
- For legitimate organisational interests.
6. Retention of Personal Data
We retain personal data only as long as necessary:
- Enrolment and student records: Up to 3 years after last activity.
- Safeguarding/accident records: At least 6 years or as legally required.
- Financial data: 6 years, in line with HMRC requirements.
Once no longer needed, data is securely deleted or shredded.
7. Security and Storage of Data
Your data is:
- Stored on password-protected systems.
- Accessed only by authorised staff.
- Backed up securely.
- Not transferred outside of the UK unless adequate safeguards are in place.
8. Sharing Your Information
We do not sell or rent your personal data. We may share data with:
- Class Manager (class and attendance software).
- Freelance staff or tutors (as necessary, and under agreement).
- Legal or safeguarding bodies (where legally required).
All third-party data processors are bound by contractual terms to protect your data.
9. Subject Access Requests (SARs)
To request access to your data, or exercise any of your rights, please contact:
Data Controller
Email: [Insert Your Official Contact Email]
We aim to respond within one month of receiving your request.
10. Children’s Data
We process children’s data only with parental/guardian consent and in line with our safeguarding duties. This data is stored securely and used strictly for educational, safety, and administrative purposes.
11. Automated Decision-Making
iSing iDance iAct does not currently use any automated decision-making or AI profiling tools in our processing of personal data.
12. Changes to This Policy
We may update this policy from time to time. When we do, we’ll notify users via email or our website.
If you have any questions about this policy or how your data is used, please contact us directly.