Terms & conditions
Privacy policy
All nurseries are trading names of Grandir UK Limited, Registered Company No: 10519700.
We are committed to protecting the privacy and security of your personal information in accordance with the General Data Protection Regulation (GDPR) and all other data protection regulations. This Privacy Policy describes how we collect and use your personal information and “you/your” may refer to Parent/Carer of a Child, Children attending our nurseries and Employees. It also refers to families enquiring about childcare and prospective employees.
Data Protection Principles
We will comply with data protection law and ensure that the personal information we hold on you will be:
Used lawfully, fairly and in a transparent way.
Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
Relevant to the purposes we have told you about and limited only to those purposes.
Accurate and kept up to date.
Kept only as long as necessary for the purposes we have told you about.
Kept securely.
Topics our Privacy Policy Covers:
What personal information do we collect? – Parent/Carer of a Child, Children, Employees
How is your personal information collected? – Parent/Carer of a Child, Children, Employees
How will we use your personal information? – Parent/Carer of a Child, Children, Employees, Prospect Families and Employees
Marketing – Website
Security
Data Sharing
Data Retention
Access to your information and correction
Withdrawing consent
Changes to our privacy policy
How to contact us
WHAT PERSONAL INFORMATION DO WE COLLECT?
Parent/Carer of a Child
We will collect, store, and use the following categories of personal information:
- Name.
- Home address.
- Telephone numbers, and personal email addresses.
- National Insurance number.
- Bank account and debit/credit card details.
We may also collect, store and use the following “special categories” of more sensitive personal information:
- Information about race or ethnicity, spoken language and nationality.
- Conversations with you where our employees deem it relevant to the prevention of radicalisation or other aspects of the governments Prevent strategy.
Children
We will collect, store, and use the following categories of personal information:
- Name.
- Date of birth.
- Home address.
- Birth certificate.
- Dietary requirements.
- Attendance information.
- Photographs and video clips to signpost children to where their belongings are stored at the nursery
- that they attend, and also for general display purposes.
- Emergency contact should parents/carers of a child be unavailable and the emergency contact’s contact details.
- Record book for your child containing the work of your child whilst at nursery, observations about your child’s development whilst at nursery made by our employees, specific examples of your child’s progress, photographs demonstrating your child’s development whilst at nursery, and personal details of your child (e.g. their date of birth) (“Progress Report”)
- Records relating to your child e.g. care plans, common assessment frameworks, speech and language referral forms.
- Accidents and pre-existing injuries forms.
- Records of any reportable death, injury, disease or dangerous occurrence.
- Observation, planning and assessment records.
We may also collect, store and use the following “special categories” of more sensitive personal information:
- Information about race or ethnicity, spoken language and nationality.
- Information about health, including any medical condition, health and sickness records.
- Information about accident or incident reports including reports of pre-existing injuries.
- Information about incident forms / child protection referral forms / child protection case details / reports.
Employees
We will collect, store, and use the following categories of personal information throughout your employment and for as long as is necessary after the termination of your employment:
- Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses.
- Date of birth.
- Gender.
- Marital status and dependants.
- Next of kin and emergency contact information.
- National Insurance number.
- Bank account details, payroll records and tax status information.
- Salary, annual leave, pension and benefits information.
- Start date and, if different, the date of an Employee’s continuous employment.
- Location of employment or workplace.
- Copy of driving licence (where applicable).
- Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process).
- Employment records (including job titles, work history, working hours, holidays, training records and professional memberships).
- Personnel files and training records including performance information, disciplinary and grievance information, and working time records.
- Information about your use of our information and communications systems.
- Records of any reportable death, injury, disease or dangerous occurrence.
We may also collect, store and use the following “special categories” of more sensitive personal information:
- Information about race or ethnicity.
- Information about health, including any medical condition, accident, health and sickness records, including:
- where you leave our employment and under any share plan operated by a group company the reason for leaving is determined to be ill-health, injury or disability, the records relating to that decision;
- details of any absences (other than holidays) from work including time on statutory parental leave and sick leave; and
- where you leave our employment and the reason for leaving is related to their health, information about that condition needed for pensions and permanent health insurance purposes.
- We envisage that we will hold information about criminal convictions. We will only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally able to do so, which includes but is not limited to Disclosure and Barring Service (“DBS”) checks. Where appropriate, we will collect information about criminal convictions as part of the recruitment process or we may be notified of such information directly by you in the course of you working for us. We will use information about criminal convictions and offences in the following ways:
- To conduct a DBS check on you, to record the date of the DBS check, the number of the DBS check and the name of the body conducting the DBS check.
We are allowed to use your personal information in this way to carry out our obligations. We have in
place an appropriate policy and safeguards which we are required by law to maintain when
processing such data.
HOW IS YOUR PERSONAL INFORMATION COLLECTED?
Parent/Carer of a Child and Children
We collect personal information about you and your child from when your initially enquire about our childcare services, through the registration process and until you stop using our services.
Employees
We collect personal information about you through the application and recruitment process, either directly from you or sometimes from an employment agency or background check provider. We may sometimes collect additional information from third parties including former employers, credit reference agencies or other background check agencies.
We will collect additional personal information in the course of job-related activities throughout the period of your employment with us.
HOW WILL WE USE THE INFORMATION ABOUT YOU?
We will only use your personal information listed in ‘What Personal Information do we collect’ when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- Where we need to perform the contract we have entered into with you.
- Where we need to comply with a legal obligation.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We may also use your personal information in the following situations, which are likely to be rare:
- Where we need to protect your interests (or someone else’s interests).
- Where it is needed in the public interest or for official purposes.
Parent/Carer of a Child
Information provided primarily allows us to perform our contracts with you and to enable us to comply with legal obligations. The situations include:
- Your personal information will be shared with local authorities without your consent for funding purposes.
- To report on your child’s attendance
- To be able to contact you or your child’s emergency contact about your child
- To ensure nursery fees are paid
Children
Information provided primarily allows us to perform our contracts with you and to enable us to comply with legal obligations. The situations include:
- Upon consent from you, personal data about your child will be shared with schools for progression into the next stage of their education.
- Personal information about your child will be shared with local authorities without your consent where there is a situation where child protection is necessary.
- The personal information about your child will be shared with local authorities without your consent for funding purposes.
- Ofsted will be allowed access to our systems to review child protection records:
- To ensure we meet the needs of your child
- To enable the appropriate funding to be received
- Report on your child’s progress whilst at our nursery
- To check safeguarding records
- To check complaint records
- To check attendance patterns are recorded
- When your child’s Progress Report is given to you in order for you to pass the same Progress Report to a school for application or enrolment purposes
Employees
Information collected allows us to perform our contracts with you and to enable us to comply with legal obligations. The situations in which we will process your personal information are listed below.
- Making a decision about recruitment or an appointment.
- Checking you are legally entitled to work in the UK.
- Paying you and, if you an employee are deemed an employee for tax purposes, deducting tax and National Insurance contributions (NICs).
- Providing any Employee benefits to you.
- Enrolling you in a pension arrangement in accordance with our statutory automatic enrolment duties.
- Liaising with the trustees or managers of a pension arrangement operated by a group company, your pension provider and any other provider of employee benefits.
- Administering the contract we have entered into with you.
- Conducting performance and/or salary reviews, managing performance and determining performance requirements.
- Assessing qualifications for a particular job or task, including decisions about promotions.
- Gathering evidence for possible grievance or disciplinary hearings.
- Making decisions about your continued employment, engagement.
- Making arrangements for the termination of our working relationship.
- Education, training and development requirements.
- Dealing with legal disputes involving you, including accidents at work.
- Ascertaining you fitness to work.
- Managing sickness absence.
- Complying with health and safety obligations.
- To prevent fraud.
- To monitor your use of our information and communication systems to ensure compliance with our IT policies.
- To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution.
- Equal opportunities monitoring.
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
Prospective Families and Employees
Personal data collected when enquiring about our childcare service or future employment is provided by you and is used to provide the information you have requested. We may also use this data to communicate with you, for example, informing you of upcoming events, updates and special offers. See more information in the ‘Marketing’ section of this policy. This data is not shared with any other organisation outside of Grandir UK.
MARKETING
Personal information collected that has been provided by you may be used to
- E-newsletters and Email updates: We use a third-party provider, Squeezymail and Mailchimp. We gather statistics around email opening and clicks.
- SMS/Test messaging: We use a third-party provider, TextMagic.
- People who contact us via Social Media: We use a third-party provider, Zoho to manage our social media.
- People who email us directly: see section on ‘Security’.
About our website
On visiting our website, it does not store or capture personal information but merely logs the user’s IP address (Internet Protocol: standard allowing data to be transmitted between two devices) which is automatically recognised by the web server.
When someone visits our site, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identifies of those visiting our website.
Site Manager
When providing your personal data on our website using one of the online forms, the information is securely kept in a database that is accessible via a back office and all data forms are emailed to the website administrator.
An SSL Server Certificate following TLS 1.2 (Transport Layer Security) protocol is installed on our website.
Other Websites
Our website contains links to other websites. This privacy policy only applies to this website. When you link to other websites you should read their privacy policy.
Cookies
Our website uses cookies for collecting user information; it does not collect any information about you except that required for system administration of the website. These cookies are pieces of data created when you visit a site, and contain a unique, anonymous number. They are stored in the cookie directory of your hard drive, and do not expire at the end of your session.
These cookies cannot be used to personally identify you.
There are a number of articles online giving further information about cookies and how they work. Learn more here.
You are able to remove all cookies stored on your computer. There are instructions to do that here https://www.aboutcookies.org/
SECURITY
The security of your personal information is taken very seriously. All reasonable endeavours are made to ensure appropriate security measures are in place to protect your personal information against loss, authorised access, destruction, misuse, modification and improper disclosure.
We use strict procedures and security features to protect from unauthorised use, however, no computer system or information can ever be fully protected against every possible hazard.
DATA SHARING
We may have to share your personal information with third parties. We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so. We require third-parties to respect the security of your data and to treat it in accordance with the law.
Parent/Carer of a Child and Children: Which third-party service providers process your personal information?
”Third-parties” includes third-party service providers (including contractors and designated agents), local authorities, regulatory bodies, schools and other entities within our group. The following third-party service providers process personal information about you for the following purposes:
- Local Authorities – for funding and monitoring reasons (e.g. equal opportunities and uptake of funded hours)
- Regulatory bodies – for ensuring compliance and the safety and welfare of the children
- Schools – to provide a successful transition by ensuring information about the child’s progress and current level of development and interests are shared
Employees: Which third-party service providers process your personal information?
The following third-party service providers process personal information about you for the following purposes:
- Banks and Building Societies for payment of salaries and company expense payments.
- HMRC for tax purposes and National Insurance contributions.
- Pension arrangement operated by a group company with the trustees or scheme managers of the arrangement in connection with the administration of the arrangements.
- Medical Brokers for medical insurance
- Life Assurance
- Car Insurance for company car drivers
- Our Employment Law representatives
- Any training providers and any government administration of the apprenticeship levy
Prospective Families and Employees
Marketing data is not shared with any other organisation outside the Grandir UK Nurseries group.
How secure is my information with third-party service providers and other entities in our group?
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
DATA RETENTION
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Details of retention periods for different aspects of your personal information are available in our Retention Policy which is available on request. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of Your personal data, the purposes for which we process Your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer an employee, or a child benefiting from our services or a parent/carer of a child, as is appropriate, we will retain and securely destroy your personal information in accordance with Retention Policy.
ACCESS TO YOUR INFORMATION AND CORRECTION
It is important that the personal information we hold on you is accurate and current. Please keep us informed if your personal information changes.
If you wish to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or would like to transfer your personal information to another party, please do so in writing. See ‘How to Contact Us’.
WITHDRAWING CONSENT
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us in writing. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law
CHANGES TO OUR PRIVACY POLICY
We keep our Privacy Policy under regular review and we will place any updates here. We may also notify you in other ways from time to time about the processing of your data.
This Privacy Policy was last updated on March 2023.
HOW TO CONTACT US
Please contact us if you have any questions about our privacy policy or information we hold about you
- Or write to us at: Grandir UK Limited – Support Office, Tuscany House, White Hart Lane, Basingstoke, Hampshire RG21 4AF