The General Data Protection Regulations (GDPR) come into force on 25^th May 2018 and require that all businesses issue a privacy statement to all clients and contacts, regarding the data held about individuals.

I shall be asking all current and new students and/or their parents to read and confirm they accept this notice, to ensure that they are aware of the new rules and my compliance with them.

 1.  Registered Person

1.1 Catherine Jennaway is registered with the Information Commissioner’s Office.  Catherine Jennaway is the controller of your data.

2. Data Held

2.1. I hold personal contact information as well as information about each student’s music education, eg  progress, objectives and exam results.  I only hold the data needed to provide the services you engage me to provide.

 

3. What I do with it

3.1. Contact information is used for scheduling, invoicing, record keeping and communicating my own services such as recitals and holiday initiatives.

3.2. Some information will be shared with examination boards if you wish to enter for exams.

3.3.  Where lessons are provided in the context of a school, information on progress and timetabling may be shared with the school.

3.4. No other data will be shared unless there is a legal obligation to do so.

3.5. All reasonable steps are taken to ensure your data is processed and stored securely.

 

4.      Individual Rights to the Data Held

4.1.   If you wish to change or delete the information I hold about you, or if you have any concerns about your data, please contact me directly. 

4.2.   You have additional rights regarding the data stored about you.  You can read about them here:

https://ico.org.uk/for-organisations/guide-to-data-protection/principle-6-rights/

 

5. Reporting a breach of rights or security

5.1. If you believe your data rights or security have been breached, please contact me immediately.