This policy applies to all of the services, activities, and programmes delivered by Marion Rogerson (Independent Occupational Therapist (HCPC Registered); Sensory Integration Practitioner – B,A., M.B.A Certificate in Health Economics), In this privacy notice, references to ‘we’ ‘us’ ‘our’ is a reference to Marion Rogerson and the Programme that your child(ren) is attending, may be attending or has attended.
We are committed to protecting and respecting you and your child(ren)’s privacy, and as such this commitment also applies to the protection of personal data, set out by the GDPR. We act as a Data Controller according to the legislation set out by GDPR. Our ICO registration number is ZA452479
In order to process bookings and enquiries we need to collect personal details about you and your child(ren) on your booking. We will respect and protect your privacy at all times. This policy sets out how we will collect, use and store any personal data about you and your child(ren).
By accepting a place on our Programme, you are agreeing to us storing and processing this information as set out below. You, as a parent, are responsible for ensuring you have the agreement from all persons attending the Programme on your behalf, to pass on their details to us. In the event that your child(ren) is under the age of 16 years, you will be required as their parent to give your consent on their behalf for the processing of their own personal data under GDPR.
What is our legal basis for processing data?
Our lawful bases for processing data are as follows:
Consent – consent has been obtained to use personal data;
Contract – the processing of data is necessary to fulfil our commitment to you and your child(ren);
Legitimate Interest – we use your data to pursue our legitimate interests in such ways which would be reasonably expected to operate our services, and which does not impact on the freedom or rights of parent and child(ren).
When do we collect data?
When you register your interest to attend a Programme with us we will need to collect certain personal details to process your interest and make the necessary arrangements for your child(ren) to attend our Programme.
Prior to attending our Programme, we will also need to collect more sensitive personal data, specifically relating to the children on your bookings, such as medical conditions, allergies and educational needs to ensure we can provide the appropriate care for your child(ren). Whilst your child(ren) is in our care you may need to complete forms which will require personal information relating to you or your child, or if you contact us with a query/complaint.
We may also collect data from you in other ways that will request your name, address, email address and telephone number.
What data do we collect?
Parent(s)/Carer’s/Emergency Contact’s details – Name, address, DOB, telephone numbers, email address, details of your interactions with us e.g. a query/complaint that you have raised, personal details to help tailor our services to you and your child(ren), payment card details, comments and service reviews, work address and telephone number.
Children’s details – Name, address, DOB, medical, behavioural or educational needs, school, registered GP, language.
The law requires us to take reasonable steps to ensure data is kept accurate and up to date. We remind parents to update details when attending our Programmes.
How do we use your data?
If you have registered your interest in attending a Programme with us, we will use your data in relation to delivering our Programme, to contact you with information relating to your interest in attending our Programmes and your child(ren)’s time in attending our Programmes, to protect the welfare of your child, to comply with our legal obligations and to process payments.
With your consent, we will use your personal data to keep you informed by email, web, text, telephone and through our support team about our Programmes.
Opting In/Out – Your privacy is important to us which is why we like to make sure you’re in control. You can opt in or out at any time with regard to your personal information and its use. You can do this yourself by contacting Marion (please see her details on page 1). We will then update your account accordingly.
Third Parties – We will only ever pass on your personal details to a third party if it is necessary to fulfil a particular service on your behalf or as part of our normal business activities. Should any safeguarding concerns or legal proceedings require us to pass on your personal information we trust you will understand that we have a duty to comply with the law. Please be aware that the way in which your personal details would be legally protected within the UK may differ from other countries.
Should any safeguarding concerns or legal proceedings require us to pass on your personal information we trust you will understand that we have a duty to comply with the law.
Our website contains links to and from other websites. If you follow a link from our website to another site, please be aware that the third party site will have its own privacy and data protection policies and we are not responsible for how they may collect their data.
How do we protect data?
Storage – Once data is received, we will take all reasonable steps to ensure your data is secure to prevent unauthorised access to it. All information you provide is stored on secure databases, our IT systems are password protected, hard copy information is held in lockable containers.
Transfer – If any confidential or sensitive information is sent by email only children’s initials will be used.
How long do we keep data for?
There are legal requirements for how long we have to keep data for before destroying it. Due to the nature of our services involving children we are required to keep information relating to each child and their booking until they reach the age of 25 years. All data is archived by year of attendance and destroyed 17 years later in order to ensure data for the youngest child attending the Programme in that particular year is kept until they are 25 years. When the time arises, we securely delete and destroy all of the information we hold. Hard copies of personal data are shredded, and electronic copies are securely deleted.
Whilst we hold data for longer, we will only actively use this to contact you regarding our and services within a maximum of 3 years of your last attendance/enquiry with us.
Your rights:
You have the following rights in relation to your data: Right to access, rectification, erasure, data portability, object and automated decision making (including data profiling).
If you would like to exercise any of these rights please write to Marion Rogerson, 9 Rathmore Close, Stourbridge DY8 2RS or by email to Marion Rogerson at rrogerso@waitrose.com or you can call Marion Rogerson on 07879431371. Please note that in some circumstances we will still need to retain certain data in order to comply with our legal obligations.
If a subject access request is put forward, we will send the information within one month (30 days) and free of charge – this will be sent in a protected file. Please note that we will ask some security questions to prove your identity before disclosing any data. If you are not happy with the way we have handled your data or responded to your requests you can lodge a complaint with the Information Commissioner’s Office at www.ico.org.uk/concerns or by phone on 0303 123 1113.
Changes to our policy:
We reserve the right to update this policy from time to time and we will keep you informed by updating this statement and circulating it to you.
As a Registered Charity from time to time SENSORY PEOPLE undertakes fundraising activities. As part of those activities we may wish to contact you to ask you if you are willing and able to contribute to these activities. If you would prefer not to receive information about SENSORY PEOPLE’s fundraising activities please let us know.
Registered Charity No: 1164806