Data Protection Statement
The EU General Data Protection Regulation (“GDPR”) comes into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.
Performance Without Limits are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles.
Performance Without Limits are dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.
Performance Without Limits already have a consistent level of data protection and security across our organisation, however it is our aim to be fully compliant with the GDPR by 25th May 2018. Our updated guidelines are:
- Information Audit- We carried out a company-wide information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed and if and to whom it is disclosed.
- Policies & Procedures
- Data Protection – our main policy and procedure document for data protection has been overhauled to meet the standards and requirements of the GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy by design and the rights of individuals.
- Data Retention & Erasure – We have dedicated erasure procedures in place to meet the new ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply. If a child leaves classes at PWL we will destroy personal details within 1 month.
- Data Breaches – our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time. Our procedures are robust and have been disseminated to all PWL employees, making them aware of the reporting lines and steps to follow.
- Third-Party Disclosures – Performance Without Limits will only share information with a third party at the following times:
- Annual winter show - With Suffolk or Cambridge county council for Performance Licenses and safeguarding procedures ONLY.
- In the event of an emergency- We will only use telephone number/ address provided in the event of an emergency with your child while in our care.
- Exam entry - In the event of entering your child for an exam with a registered body.
- Privacy Notice- We obtain information when signing up to classes at PWL for safeguarding purposes and to ensure the safety of your child. All children must have permission from a parent/ guardian to participate in classes and an emergency contact must be provided. The information that we hold for you is accessible at any time please contact Sophie Fejjari. All information obtained is kept in a secure filing cabinet in a locked office.
- Obtaining Consent – Each new sign up for any classes at PWL will be required to read or new comer booklet and will only be allowed to participate in PWL events once all terms of the agreement are understood and signed. All signed consent forms along with any personal information will be kept secure at all times.
- Direct Marketing – Performance Without limits will only contact Parents/guardians via email for PWL events, important term information and termly newsletters.
Data Subject Rights
In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information via www.pwldance.co.uk of an individual’s right to access any personal information that PWL processes about them and to request information about: -
What personal data we hold about them
The purposes of the processing
The categories of personal data concerned
The recipients to whom the personal data has/will be disclosed
How long we intend to store your personal data for
The right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this
The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use
The right to lodge a complaint or seek judicial remedy and who to contact in such instances
Information Security & Technical and Organisational Measures
Performance Without Limits takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. Registers that are shared with other PWL dance teachers are shared through an online secure document application. Teachers can view registers on a mobile device that is secured by a password and finger print system. Only the name of the student and their emergency contact number is available to said teachers.
GDPR Roles and Employees
Performance Without Limits have designated Sophie Fejjari as assigne Data Protection Officer and she is responsible for promoting awareness of the GDPR across the organization, identifying any gap areas and implementing the new policies, procedures and measures.
Performance Without Limits acknowledges the duty of care to safeguard and promote the welfare of children and is committed to ensuring safeguarding practice reflects statutory responsibilities, government guidance and complies with best practice.
The policy recognises that the welfare and interests of children are paramount in all circumstances. It aims to ensure that regardless of age, ability or disability, gender reassignment, race, religion or belief, sex or sexual orientation, socio-economic background, all children
- have a positive and enjoyable experience of Dance, Drama and Singing at Performance Without Limits in a safe and child centred environment
- are protected from abuse whilst participating in the Performing Arts or outside of the activity.
Performance Without Limits acknowledges that some children, including disabled children and young people or those from ethnic minority communities, can be particularly vulnerable to abuse and we accept the responsibility to take reasonable and appropriate steps to ensure their welfare.
As part of our safeguarding policy Performance Without Limits will
- promote and prioritise the safety and wellbeing of children and young people
- ensure everyone understands their roles and responsibilities in respect of safeguarding and is provided with appropriate learning opportunities to recognise, identify and respond to signs of abuse, neglect and other safeguarding concerns relating to children and young people
- ensure appropriate action is taken in the event of incidents/concerns of abuse and support provided to the individual/s who raise or disclose the concern
- ensure that confidential, detailed and accurate records of all safeguarding concerns are maintained and securely stored
- prevent the employment/deployment of unsuitable individuals
- ensure robust safeguarding arrangements and procedures are in operation.
- Ensure that we have writing permission for any child to walk home on their own.
The policy and procedures will be widely promoted and are mandatory for everyone involved in Performance Without Limits. Failure to comply with the policy and procedures will be addressed without delay and may ultimately result in dismissal/exclusion from the organisation.
The policy will be reviewed a year after development and then every three years, or in the following circumstances:
- changes in legislation and/or government guidance
- as required by the Local Safeguarding Children Board.
- as a result of any other significant change or event.
(Last reviewed May 2018)