AnonyMouse_10355 Posted February 20, 2018 Posted February 20, 2018 Hi I was wondering if anyone could help me please? I have been going through all the preschools policies and documents, and I can not find anything relating to data protection. There is no fair processing notice or permission in storing information. Well, except for on registration etc. Could someone please tell me what their setting has in place, so I can rectify the situation we are in. We are a charity run preschool. Many thanks
AnonyMouse_7120 Posted February 20, 2018 Posted February 20, 2018 Hi Motherclanger We have an ‘Information storage - data protection’ policy which is about to be reviewed to reflect GDPR changes (see Rebecca’s thread in here), our county also provides a Fair Processing Notice which I include in the prospectus. I can share our policy with you tomorrow if it helps to start you off.
AnonyMouse_13453 Posted February 21, 2018 Posted February 21, 2018 A quick google brings up this ..... http://www.st-benedicts.cumbria.sch.uk/wp-content/uploads/2017/11/DATA-PROTECTION-POLICY-2017-19.pdf any use?
AnonyMouse_8282 Posted February 21, 2018 Posted February 21, 2018 1 hour ago, Cait said: A quick google brings up this ..... http://www.st-benedicts.cumbria.sch.uk/wp-content/uploads/2017/11/DATA-PROTECTION-POLICY-2017-19.pdf any use? Thanks Cait that's a really useful starting point. I've also been having a massive paperwork clear out, and have come across some old info from the ICO (we have always been registered, but I never dealt with the paperwork) having had a quick flick through and a lot of it seems to link with, and be relevant to what we need to do for the GDP compliance.
FSFRebecca Posted February 22, 2018 Posted February 22, 2018 18 hours ago, louby loo said: Thanks Cait that's a really useful starting point. I've also been having a massive paperwork clear out, and have come across some old info from the ICO (we have always been registered, but I never dealt with the paperwork) having had a quick flick through and a lot of it seems to link with, and be relevant to what we need to do for the GDP compliance. Make sure you go through the 12 steps though as, although similar, the GDPR requirement is much more robust that requirements under the ICO ever were
AnonyMouse_10355 Posted February 25, 2018 Author Posted February 25, 2018 Thank you for all your replies! If you are willing to share your Information sharing- data protection policy mouseketeer that would be great! Thank you Cait, for the link, I will have a read. 1
AnonyMouse_48226 Posted March 27, 2018 Posted March 27, 2018 Also, if you are a charity not for profit pre-school you may find that you don't need to be registered with the ICO. It comes under there exemption companies.
AnonyMouse_20948 Posted March 28, 2018 Posted March 28, 2018 I looked into this last year, prompted by our Ofsted inspector who suggested we should be registered. Turned out we didn't need to be, something to do with being a charity and also not having more than 5 staff, I think. Is it the same for GDPR or am I being too hopeful? The course our LA have put on is not until the end of April .....
AnonyMouse_30128 Posted March 28, 2018 Posted March 28, 2018 Be careful! your LEA will probably expect you to be registered ...it may be a condition of funding especially if they collect information from you or pay you electronically . If you keep any information online (including payroll) then i would suggest you register. and for GDPR rules (from what ive read) you will need to comply even if you are not ICO registered. We are a NFP charity with small staff numbers!!!
FSFRebecca Posted March 28, 2018 Posted March 28, 2018 This comes up a lot.. The ICO FAQs section says: We are a not-for-profit organisation - do I need to register? You do not have to register if organisation was established for not-for-profit making purposes and does not make a profit or if your organisation makes a profit for its own purposes, as long as the profit is not used to enrich others. You must: only process information necessary to establish or maintain membership or support; only process information necessary to provide or administer activities for people who are members of the organisation or have regular contact with it; only share the information with people and organisations necessary to carry out the organisation’s activities. Important - if individuals give you permission to share their information, this is OK (you can still answer ‘yes’); and only keep the information while the individual is a member or supporter or as long as necessary for member/supporter administration I think if you are sharing information electronically, eg to your LA for funding you will definitely need to be registered. You could do the checker here
AnonyMouse_8282 Posted March 28, 2018 Posted March 28, 2018 On 22/02/2018 at 09:58, Rebecca said: When I run through the ICO checklist it said we didn't have to to register, but we did anyway for £35 I'd rather be on the safe side with this one I think.
AnonyMouse_30128 Posted March 28, 2018 Posted March 28, 2018 interestingly I've just done the tick list and it looked like we didn't need to register....then did the longer question and answer session and it came out that we did!
AnonyMouse_20948 Posted March 29, 2018 Posted March 29, 2018 Ooh thank you, obviously something I'll need to look into....!
Recommended Posts