Childminding Matters Privacy Notice / Policy – Website, Webshop, CRC

This privacy notice/policy sets out how Childminding Matters (“we/us/our”) uses and protects any information that Childminding Matters’ website/webshop/childminding registration course users (“you/your”) give Childminding Matters when they use this website and/or webshop and/or access our childminding registration course (CRC).

Childminding Matters is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy notice.

Childminding Matters may change this notice (policy) from time to time by updating this page. You should check this page periodically to ensure that you are happy with any changes. This notice (policy) is effective from 7 March 2020.

What this privacy notice contains:

Why we use your personal information

We process your personal data for the following purposes:

  • to provide you with the services you register for – including the fulfilment of webshop purchases (including training where relevant);
  • for the ongoing administration of the service;
  • to allow us to improve the products and services we offer to our customers;
  • to ask for your opinion about our products and offer surveys;
  • for research and statistical analysis of product usage
    • we only use the data in an anonymized manner when we use your data for this purpose;
  • to offer you the option of signing up to a free monthly childcare news roundup e-newsletter (if you accept, you can unsubscribe at any time)
    • this e-newsletter is automatically included for users purchasing our online Childminding Registration Course (CRC), as it forms part of the course and ongoing support for childminders; users can unsubscribe at anytime;
  • to offer new products and services to you which are relevant and appropriate, and only to the extent that would be reasonably expected;
  • to enable us to obtain payment for goods purchased;
  • to enable us to protect our intellectual property;
  • to enable us to comply with our legal and regulatory obligations.

The legal basis for processing

Under Data Protection Law, there are various grounds which are considered to be a ‘legal basis for processing’:

  • Legal obligation: includes
    • holding of order/invoice information (for HMRC, card handlers, crime and fraud prevention)
    • details of purchase information, such as IP address and payment processor checks, for crime/fraud prevention;
  • Contractual: includes fulfilling order requirements;
  • Consent: includes e-newsletter;
  • Legitimate interest: includes opinions about our products, research and statistical analysis of product usage, details of failed orders (so that we can contact potential customers to see whether they still wants to order product(s)), details of where and when documents/online training courses are accessed to protect our intellectual property and if necessary to prove you have accessed our materials.

What personal information we use

We may collect the following information:

  • name and company name;
  • contact information including email address, telephone number and postal address;
  • IP address used when making purchase and/or accessing documents/online training;
  • childcare registration number;
  • authentication data – username and password (any manually set passwords issued are only temporary and change is forced on first use; any other passwords are not visible to us);
  • payment history – includes transactions and card payment checks;
  • in purchase messages;
  • other information relevant to customer surveys and/or offers.

How we use your personal information

We use your personal information for the purposes outlined above (Why we use your personal information).

Some of our employees have access to such information, only to the extent required to carry out the services for you.

We have introduced appropriate technical and organisational measures to protect the confidentiality, integrity and availability of your personal information during storage, processing and transit.

Your rights under data protection legislation

Right to be informed: You have the right to be informed about the collection and use of your personal data. This policy notice aims to provide this information, but please contact us for more information.

Right to Access: You have the right of access to your personal information that we process and details about that processing. Please contact us for more information.

Right to Rectification: You have the right to request that information is corrected if it’s inaccurate.  Please contact us for more information.

Right to Erasure (Right to be Forgotten): You have the right to request that your information is removed. If we do not have a legitimate, legal reason for keeping the data, then we will comply with your request and delete the data. Please contact us for more information.

Right to Restriction of Processing: You have the right to request that we restrict the extent of our processing activities; depending on the circumstances, we may or may not be obliged to action this request. Please contact us for more information.

Right to Object: You have the right to object to the processing of your information; depending on the circumstances, we may or may not be obliged to action this request. Please contact us for more information.

Right to Data Portability: You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine readable format suitable for transferring to another controller. Please contact us for more information.

Sharing Personal information with third parties

We use a number of trusted service providers to help deliver our services. These providers are subject to appropriate safeguards, operate in accordance with our specific instructions and limitations, and are in compliance with Data Protection Law.

These service providers include:

  • payment processor – to securely process your card payments (we do not see, or store full payment card details);
  • webhosted business services – to send out our emails and for cloud based data storage;
  • website hosts and development systems – to manage our website and webshop;
  • security providers – to protect our systems from attack;
  • Virtual Learning Environment (VLE) – to host training programme;
  • telephony provider – we might record calls for training, quality and security purposes; you will always be informed if this is the case;
  • online survey providers – entering of personal information is optional.

Childminder Registration Course:

  • We may share your information with your Local Authority and your chosen registering body (Ofsted/Childminder Agency) should they contact us with regard to whether you have undertaken / are undertaking a Childminder Registration Course.

If we need to change or add additional third parties, we will always update our Privacy Notice accordingly. We will only disclose your information to other parties in the following limited circumstances:

  • where we are legally obliged to do so, e.g. to law enforcement and regulatory authorities, to local safeguarding children’s boards (LSCBs) or local area designated officers (LADOs);
  • where there is a duty to disclose in the public interest;
  • where disclosure is necessary to protect our interest e.g. to prevent or detect crime and fraud;
  • where disclosure is required for company account preparation and auditing;
  • where disclosure is required for insurance or legal proceedings;
  • where access is required for 3rd party IT administration;
  • where you give us permission to do so e.g. by providing consent.

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. Our e-newsletters may include promotional information about third parties relevant to childcare news. Users can unsubscribe at anytime

How long we may keep your information

We will retain your data for as long as is necessary to deliver our service to you. In particular:

  • in the case of personalised documents, we will keep data for up to 6 months in case you have any problems or queries with the documents we have prepared
  • in the case of Childminding Registration Course, we will keep your course information for three years (period required for training centres) in case you have any queries regarding your training or certification
  • in the case of e-newsletter – we will keep your details until you decide to unsubscribe from the free monthly childcare news roundup e-newsletter.

We may need to retain some records to maintain compliance with other applicable legislation – for example finance, taxation, fraud and money laundering law requires certain records to be retained for an extended duration, in some cases for up to seven years.

Links

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Breach notification

We take confidentiality and security very seriously. Any incident of data breach will be recorded and reported to those affected and to the ICO:

We will carry out a risk assessment to minimise the risk of it occurring again.

Changes to our privacy notice

This privacy notice will be reviewed regularly and updated versions will be posted on our websites.

Contact details

If you require more information about how we store and use your information, or if you want to exercise any of your rights under Data Protection Law, please contact us:

Childminding Matters, Oakley House, Tetbury Road, Cirencester, GL7 1US.

01793 677522

info@childmindingmatters.org.uk

Note: We may need to request additional information to verify your identity before we action your request.

If you are concerned about a data breach or the way in which we collect, store or share information, you can contact the Information Commissioner’s Office (ICO) on 0303 123 1113.

March 2020

Comments are closed