top of page

Data Protection Policy

For the purpose of this General Data Protection Policy, Just Dance Performing Arts shall be referred to as JDPA.  When referring to “you”, this document means the student unless they are under the age of 18 in which case, “you” refers to the student and/or parent, guardian an/or emergency contact.

 

A) LEGISLATION:

  1. General Data Protection Regulations (GDPR) 2020 is the legislation which the General Data Protection Policy (GDPP) for Just Dance Performing Arts (JDPA) is based upon.

  2. GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that ‘individuals’ data is not processed without their knowledge and are only processed with their ‘explicit’ consent.

  3. The Data Protection Act gives individuals the right to know that information is handled properly.

​

B) JDPA Policy

  1. JDPA is committed to protecting the personal information (and dependents as applicable) for all our customers, employees, casual and freelance workers and everybody who comes into contact with us, both physically and virtually (online).

  2. This Privacy Statement relates to the use of any personal information provided to us online or via application forms, telephone, email exchange, letters or correspondence. 

  3. JDPA’s website & social media accounts may contain hyperlinks to websites owned and operated by third parties which nis not covered by JDPA’s GDPP; therefore we do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk. 

​

C) JDPA POLICY IN PRACTICE

  1. We do not disclose (other than to Official Examination bodies) or sell personal data to third parties.

  2. We do not disclose personal data to other members of the school and their families.

  3. The school uses contact numbers and emails for communication with and updates to parents, whole school and individual communication, invoices and general information.

  4. Emergency Parent contact numbers are given to teachers termly for the use of emergency contact.

  5. Personal data is stored in a locked password protected cloud and/or email account and a locked password protected invoicing system.

  6. Paper registration forms are stored in a secured location at the business Owner’s home address.

  7. Information is destroyed via a shredding device and digital information is deleted when no longer relevant, required or 6 years after a student has left classes at the Academy.

 

D) INFORMATION GATHERED

  1. By submitting your details, you enable us to provide you with the information regarding the services that you have selected and provide a safe teaching environment. 

  2. We will not hold more information than required and will ensure all personal data is kept up to date and used only for its specific purpose(s) as outlined within this document.

  3. When you are participating in or signing up for classes, activities, workshops run by JDPA or using any JDPA social media accounts, we may collect and store personal information about you or the enrolling student:

  • your name

  • enrolling student’s sex (for chaperone reasons)

  • email address

  • postal address

  • telephone or mobile number

  • date of birth

  • medical conditions (within reason)

  • contact preferences

  • still and moving pictures

 

E) WEB SEARCH COOKIES

  1. Cookies are text files that websites place on to store information specific to you and is note stored on our website

​

F) USE OF PERSONAL INFORMATION:

  1. As and when we need to use your personal information for reasons other than the ones specified below, we will ensure that we notify you first and you will be given the opportunity to withhold or withdraw your consent for the use of your personal information for purposes other than those listed above. 

  2. We will use your information for a number of purposes including:

  • to provide you with information about our products, services and activities and to deal with your requests and enquiries, including complaints

  • for "service administration purposes", which means that we may contact you for reasons related to the service or activity you signed up for (eg, invoices, or change of details regarding a class you are enrolled in, etc)

  • to contact you about an application you have made 

  • to process your application for employment and where applicable your employment once appointed

  • to post any relevant examination documents

 

G) JDPA CONTACTING YOU:

  1. JDPA may contact you  

  • in relation to any service or activity you have signed up for in order to ensure that we can deliver the services to you

  • to remind you of important deadlines and/or renewal notifications

  • in relation to any correspondence, we receive from you or any comment or complaint you make about our services

  • to occasionally market products or services that we think may be of interest to you 

 

H)  OBJECTING TO THE STORAGE OF PERSONAL INFORMATION

  1. You have the right to ask us not to hold or use personal data however this would mean we may not be able to provide you with the full range of services available.

  2. Please note consent is not required for us to email regarding the class you are enrolled in (invoices, updates, cancellations etc) or regarding any enquires you may have contacted the school about as these fall under legitimate interest (please see section I).

  3. You may opt-out of any personal data being stored and must give consent to any correspondence you wish to receive from JDPA. Should you decide to opt-out of any data storage you must:

  • stay on the premises during all classes in case of an emergency.

  • your child will not be able to be entered for any examination, or participate in any productions as we will not be able to process the appropriate candidate information

​

I)  LEGITIMATE INTEREST

  1. We may hold or use personal data on the grounds of ‘legitimate interest’ which in simple terms means we can process personal information if we have a genuine and legitimate reason and we are not harming any of your rights and interests.

  2. Medical information is sensitive data and held on the grounds of legitimate interest. This data will only be processed and stored by JDPA to ensure yours or your child’s safety whilst participating in our services or activities and will be deleted / destroyed 6 years after a student has left classes at the Academy.

  3. This includes information we are legally required to store even after a request to be forgotten:

  • Names and postal address related to invoices (MUST be kept as it is required for HMRC legal tax purposes)

​

J) IMAGES AND VIDEOS OF STUDENTS

  1. Certain uses of images are necessary for the JDPA website, social media accounts, internet, for press and promotional material for the development of the school and literature to inform parents/guardians of students enrolled at JDPA.

  2. The enrolment form notes that by signing the enrolment form, they agree and have read the Terms & Conditions for JDPA which is posted on the JDPA website freely to be viewed by anyone, which stipulates that image and photographs can be used for the above-mentioned uses.

  3. If consent is given for a still or moving image of your child to be used for any of the external marketing purposes, please be informed that these are public domains and can be viewed by anyone.

  4. Should an image be used in any marketing publication, website or social media site there will be no use of names alongside images other than in special circumstances (such as getting into a dance school, or other achievements) where very specific parental consent will be sought by JDPA from the parent/guardian and will only ever use a first name to protect privacy.

  5. Any images and videos belonging to the school are stored by JDPA electronically on password locked cloud account.

  6. Professional 3rd party companies who take images and videos to be sold on behalf of JDPA will be asked to verify they have a General Data Protection Policy in place to ensure the student’s privacy is not compromised.

  7. At any time, consent can be withdrawn to the taking, storing or use of images by contacting the business Owner of JDPA.

​

K) DURATION OF INFORMATION RETAINED

  1. Information is kept for as long as is necessary to deliver the services we are providing you with.

  2. Email accounts are purged once a year with emails from students and/or parents/guardian deleted that are +2yrs old

  3. Upon leaving the school, all personal information will be kept for a period of 6 years which it will then be destroyed.

  4. Social media accounts have no set recurring period to delete off old information and shall be done so on a case-by-case basis as required

 

L) LOCATION OF RETAINED INFORMATION

  1. JDPA uses a variety of digital means to communicate, invoice and store general information.

  2. Social media accounts are public domains and it is the responsibility of those posting information to ensure that all information posted is suitable for anyone to view with the exception of private message chats within the social media account.  The private messages will be protected by the account being password protected, and if possible double authentication methods.

  3. The company email account and mobile are the primary means of non-verbal communication both of which are to be password protected, and where possible, double authentication enabled.  Personal information is to be transferred to the company cloud account and the email deleted as per section K above.    

  4. Personal information along with original copies of images and videos are saved to a locked password cloud account and to a password locked computer used to generate invoicing.

  5. The website is hosted by WIX with all apps used to sell/purchase items, enrol with and contact JDPA being Wix approved apps.

  6. Where information is shared with 3rd parties (i.e. medal examination boards, show production registration), they are asked to confirm they have their own internal policies that comply with the GDPR regulations

​

M) GENERAL

  1. The security measures described above ensure that all reasonable steps are taken to protect your personal information.

​

N) SEVEN RIGHTS

  1. The GDPR includes seven rights for individuals that are as follows:

​

N1) THE RIGHT TO BE INFORMED

  1. As an Employer of Self-Employed practitioners, JDPA is required to hold data on its teachers such as names, addresses, email addresses, telephone numbers and bank details. Information such as Disclosure and Barring Service checks (DBS), personal Public Liability insurance, First Aid Certificate's, Membership details and any qualifications. This information stored via a secure electronic system and any paper forms are stored in a secured filing cabinet at the school’s offices.

​

N2) THE RIGHT OF ACCESS

  1. At any point an individual can make a request relating to their data and JDPA will need to provide a response (within 1 month). The JDPA can refuse a request, if we have a lawful obligation to retain data but we will inform the individual of the reasons for the rejection.

 

N3) THE RIGHT TO ERASURE

  1. You have the right to request the deletion of your data where there is no compelling reason for its continued use, however JDPA has a legal duty to keep student and parent’s details for a reasonable time*.

  2. * JDPA holds personal data while the student is registered at the school. The school requires a written notice to leave the school to put into place the erasure of your data. If records of this is not found, The School will continue to use your data for School purposes only.

  3. JDPA retain any records relating to student's accident and injury records for 19 years (or until the child reaches 21 years), and 22 years (or until the child reaches 24 years) for Child Protection records. 

  4.  Self Employed Teaching records will be erased when the member of staff leaves their position. All hard copy information is destroyed via a shredding device.

​

N4) THE RIGHT TO RESTRICT PROCESSING

  1. Parents, visitors and staff can object to JDPA processing their data. This means that records can be stored but must not be used in any way, for example School Communications, General Emails about School news and updates.  In this situation, The School has no obligation to refund any classes missed or cancelled due to 'lack of communication'. It will be the parent’s responsibility to ensure they are informed about any event's happening at the school.

​

N5) THE RIGHT TO DATA PORTABILITY

  1. JDPA requires data, for example registration forms to be transferred from student, to teacher, to School Principal.

  2. Theschool is also required to provide data such as student DOB to be able to enter students in medals and examinations. In this case recipients use secure file transfer systems and have their own policies and procedures in place in relation to GDPR.

​

N6) THE RIGHT TO OBJECT

  1. Parents, visitors and staff can object to their data being used for certain activities like marketing or research.

 

N7) THE RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING INCLUDING PROFILING

  1. Automated decisions and profiling are used for marketing-based organisations which is not used by JDPA.

bottom of page