The UCL Day Nursery meets all the legal requirements for the use, storing and sharing of personal data as defined in the 2018 General Data Protection Regulations (GDPR) and the 1998 Human Rights Act.
We will adhere to the principles of the General Data Protection Regulations when collecting and processing information about you and your child. We also explain how your data is processed, collected, and kept up-to-date in our Privacy Notice which is given to you at the point of registration. We will never share your data with any organisation to use for their own purposes.
The six principles of GDPR state that personal data must be:
- Processed fairly, lawfully and in a transparent manner in relation to the data subject.
- Collected for specified, explicit and legitimate purposes and not further processed for other purposes incompatible with those purposes.
- Adequate, relevant and limited to what is necessary in relation to the purposes for which data is processed.
- Accurate and where necessary, kept up to date.
- Kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed.
- Processed in a way that ensures appropriate security of the persona data including protection against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Last updated: Tuesday, August 14, 2018