The Data Protection Act 1998 (DPA) and General Data Protection Regulation (GDPR) (EU) 2016/679 describe how organisations, including ours, must collect, handle and store personal information.
These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.
The DPA/GDPR apply to data relating to customers. It covers data held on computer and on paper. Under the terms of the DPA/GDPR, data must be:
• held with express consent;
• needed for the performance of the undertaking or contract;
• necessary to comply with a legal obligation;
• necessary to protect the customer from some life-threatening matter; and/or
• necessary for the purposes of the legitimate interests of the data controller.
Will my data be kept private?
All your personal data will be stored securely and used only for the purposes for which it was obtained. All parents are required to consent to this when registering their child.