The
General Data Protection Regulations (GDPR) come into force on 25th
May 2018 and require that all businesses issue a privacy statement to all
clients and contacts, regarding the data held about individuals. I shall be asking all current and new students and/or their parents to read and confirm they accept this notice, to ensure that they are aware of the new rules and my compliance with them.
1. Registered Person
1.1 Catherine Jennaway
is registered with the Information Commissioner’s Office. Catherine Jennaway is the controller of
your data.
2. Data Held
2.1.
I hold personal contact information as well as information about each student’s
music education, eg progress, objectives
and exam results. I only hold the data
needed to provide the services you engage me to provide.
3. What I do with it3.1. Contact information is used for scheduling, invoicing, record keeping and communicating my own services such as recitals and holiday initiatives.
3.2. Some information will be shared with examination boards if you wish to enter for exams.
3.3. Where lessons are provided in the context of a school, information on progress and timetabling may be shared with the school.
3.4. No other data will be shared unless there is a legal obligation to do so.
3.5. All reasonable steps are taken to ensure your data is processed and stored securely.
4. Individual
Rights to the Data Held
4.1. If you wish to change or delete the
information I hold about you, or if you have any concerns about your data,
please contact me directly.
4.2. You have additional rights regarding the
data stored about you. You can read
about them here:
https://ico.org.uk/for-organisations/guide-to-data-protection/principle-6-rights/
5. Reporting a breach of rights or security
5.1.
If you believe your data rights or security have been breached, please contact me
immediately. |