HCooper Posted May 10, 2018 Posted May 10, 2018 Hello All, Firstly, Thank you so much to Rebecca and Lauren for all the work you have put in to make this crazy GDPR process easier for us clueless committee members. I have been trying to follow all the posts as much as I can, but I have a few queries, which may have been already asked and answered and i have missed. Our Pre-School is a Tiny pack-away setting, only 5 members on our committee of which 2 of them are the staff members! The other 3 family members are the Chairman, Treasurer and secretary! So any of the work needed to run the committee/financial side is done at our own homes away from Pre-School. At our recent committee meeting when discussing GDPR it was noted that the treasurer and the secretary have all the the parents Email addresses and the Treasurer has all the bank statements of the Pre-School which contain the account numbers and sort codes of the parents accounts. Is all this information ok to be at her home (Obviously if consent is obtained from parents) if it is stored in a lockable filing cabinet? Also, she sends out invoices to Parents via Email. How long should she keep the sent Emails in her sent box? It is sent via a Gmail account. Minutes of previous committee meetings and AGM's.... how long should we keep those? I am sure I had more questions than that.... i will think of them as soon as I have sent this! Thankfully OFSTED have just graded us GOOD.... so we haven't got an imminent inspection to worry about at the same time as GDPR! Many Thanks!
FSFRebecca Posted May 10, 2018 Posted May 10, 2018 Good morning HCooper, well done on making your first post! GDPR is a bit of a minefield isn't it?! I think the most important thing for you to do is audit your provision (using the spreadsheet in the resources section) as this will help you think carefully about what details you are holding, why you are holding them and what you are doing with them. The Pre-School Learning Alliance document will help you think about how long things need to be kept for. I have also just found this document which might be helpful for you. Have a look through and see if you feel clearer - if you have more questions, come back and and ask
Emily_Scott Posted May 10, 2018 Posted May 10, 2018 Hi HCooper I had the same concerns as I work from home 2 days to complete admin for my early years setting. I cannot comment on emails but with the other documents you mentioned I would suggest you put all this into a letter to parents and ask thm to sign. As long as they are aware of the way your setting works and that you have considered all data protection matters, putting as much protocol in place as possible, I would imagine you would be fine. I am very much using the spreadsheet, getting signed permission from parents and rewriting our data policy then seeing how the rest goes. I feel that it will all become clearer once people put all this planning into operation.
HCooper Posted May 12, 2018 Author Posted May 12, 2018 Thank you both for your replies. We have definite let got the ball rolling and seem a lot clearer on GDPR.
denmeadpreschool Posted May 14, 2018 Posted May 14, 2018 Hello All I apologise if this information is already on the site but there is so much to read! I have completed lots of bits in relation to GDPR, Privacy notices for staff and parents, analysis, data agreement forms etc etc but has anyone sorted out visitor's book yet? We used to have several visitors sign in on one page but obviously that isn't correct now and have gone with a book with one page per person. Is it best practice now to get them to read a Privacy Notice? (I am guessing a different Privacy to above) and can we actually delete their data if they choose since we are supposed to keep visitors records for 6 years?
FSFRebecca Posted May 15, 2018 Posted May 15, 2018 We are not making any changes to our visitors policy - we only let people in who have a legimate reason to visit. We will be locking the visitors book away at the end of the day. A one page per visitor book sounds interesting, which one did you get?
Cait Posted May 15, 2018 Posted May 15, 2018 We won't be making any changes to the visitors book in church. The church is open all the time and the book is just left out. Some people put their name with the comments, and some don't. I think with a preschool book, if they were concerned about their name being in it, I think I'd be concerned about their legitimate reason for visiting. If they are from an organisation they could put the name of that and initial it perhaps? Do you get many visitors? Is the book kept locked away in between time?
denmeadpreschool Posted May 16, 2018 Posted May 16, 2018 Thank you for your comments. We planned on making our own book up Rebecca. However, if there is no need maybe we won't! In reply to Cait we don't have any more visitors than most I imagine. Generally people who visit are just interested in a possible place for their child, although with 4 Preschools in the village they may not necessarily choose us. We are based in a hall and the book is always locked away at the end of the day. It's really the fact they can see other people's personal data/details (name and telephone number) that worries me. Am I just being paranoid?...
Cait Posted May 16, 2018 Posted May 16, 2018 (edited) I think it's very easy to become paranoid. Is there any reason why you need this additional data in the visitors book? I think there could be a rethink here about why this data is there. The visitors book should perhaps just contain the person's name and who they came to see, just for recording and fire evacuation necessity. Any additional information you get from them at that point could be confined to a paper form which is then locked in a filing cabinet under 'waiting list' or 'expression of interest' and then shredded at a later date. Edited May 16, 2018 by Cait 2
denmeadpreschool Posted May 16, 2018 Posted May 16, 2018 As far as I can remember we added phone numbers as a health and safety/Ofsted requirement. The reason behind it was so we could make contact with that person if there was a serious illness within the Preschool - which seems highly unlikely I guess but maybe it was when pandemic flu was about. I would need to look into that.
FARM Posted June 5, 2018 Posted June 5, 2018 I just wanted to say that HCooper and Co have my utmost respect. To run a pack away pre-school these days is very commendable, especially as so much more is now expected of us. I have been running my pre-school for 30 years, I luckily could not have imagined all of the changes that would be expected of me when I started! 🙃 3
Shabnam Posted June 18, 2018 Posted June 18, 2018 would anyone be willing to share their policy? and what they sent to parents?
lynned55 Posted June 19, 2018 Posted June 19, 2018 I would but I used the PSLA one, so not sure I should. I can post the letter that went with it. Although I think the resources that Rebecca & Lauren worked so tirelessly on and uploaded- make it quite easy to do your own, or adapt these. Take a peek in the resources section 1
FSFRebecca Posted June 19, 2018 Posted June 19, 2018 Hi Shabnam, Here is the link to the resources section: Resources. As Lynned55 said, Lauren and I put together several pieces that might be helpful. However, there are also member resources that have also been updated to reflect GDPR if you have a look at them
Recommended Posts