DATA PROTECTION POLICY
At GAMD we respect the privacy of our members and the privacy of their parents or carers, as well as the privacy of our staff.
Our aim is to ensure that all those using and working at GAMD can do so with confidence that their personal data is being kept secure.
Our lead person for data protection is Amy Hagerty. The lead person ensures that GAMD meets the requirements of the General Data Protection Regulation (GDPR), liaises with statutory bodies when necessary, and responds to any subject access requests.
Within GAMD we respect confidentiality in the following ways:
Information given by parents to GAMD staff about their child will not be passed on to third parties without permission unless there is a safeguarding issue (as covered in our Safeguarding Policy).
Staff only discuss individual GAMD members for purposes of planning and group management.
Staff are made aware of the importance of confidentiality during their induction process.
Issues relating to the employment of staff, whether paid or voluntary, will remain confidential to those making personnel decisions.
Staff and Volunteers are informed of our Data Protection policy and are required to adhere to it.
HOW WE PROTECT YOUR DATA
We protect unauthorised access to your personal data and prevent it from being lost, accidentally destroyed, misused, or disclosed by keeping it securely.
Registration forms, registers, claim forms and accounts are kept in a lockable file.
Email addresses are kept on a password protected computer and phone numbers are on passcode-locked phones.
INFORMATION THAT WE KEEP
Children and parents: We hold only the information necessary to maintain contact and provide a safe educational setting for the child. This includes child registration information, medical information, parent and emergency contact information, attendance records, incident and accident records.
Adult members: We hold only the information necessary to maintain contact with our members while they participate in our ensembles. This includes contact information, medical information, attendance records, incident and accident records.
Staff: We keep information about employees in order to meet HMRC requirements, and to comply with all other areas of employment legislation.
HOW WE USE YOUR PERSONAL DATA
We use personal data about our members and their parents in order to provide an educational performing arts service and fulfil the contractual arrangement you have entered into.
This includes using your data to:
contact parents or emergency contacts in case of an emergency
maintain contact with you about GAMD information including term dates, events, concerts and to respond to any questions you may have
keep you updated with information about any other opportunities that you may be interested in.
With your consent, we will also video, record or photograph performances, events and rehearsals for publicity purposes. These may be used on our website or on social media. Names may also be used in concert programmes.
You will have the opportunity to withdraw your consent at any time, for videos or images taken by confirming so in writing.
Once an employee or member leaves GAMD we retain only the email and data required by statutory legislation and industry best practice, and for the prescribed periods of time. Our paper registration records are disposed of securely.
THIRD PARTY INFORMATION SHARING
Sharing information with third parties
We will only share child information with outside agencies on a need-to-know basis and with consent from parents, except in cases relating to safeguarding children, criminal activity, or if required by legally authorised bodies (eg Police, HMRC, etc). If we decide to share information without parental consent, we will record this in the child’s file, clearly stating our reasons.
We will only share relevant information that is accurate and up to date.
Some limited personal information is disclosed to authorised third parties we have engaged to process it, as part of the normal running of our business, for example in order to take online bookings, and to manage our payroll and accounts.
We will never share your data with any other organisation to use for their own purposes.
SUBJECT ACCESS REQUESTS
GAMD members and Parents/carers can ask to see the information and records relating to their child, and/or any information that we keep about themselves.
Staff and volunteers can ask to see any information that we keep about them.
We will make the requested information available as soon as practicable and will respond to the request within one month.
If our information is found to be incorrect or out of date, we will update it promptly.
If any individual about whom we hold data has a complaint about how we have kept their information secure, or how we have responded to a subject access request, they may complain to the Information Commissioner’s Office (ICO).
We comply with the requirements of the General Data Protection Regulation (GDPR), regarding, obtaining, storing and using personal data.