GDPR 

Wally & Dolly Agency GDPR

 

General Data Protection Regulations 2018

In accordance with the GPDR Statement.

GDPR stands for General Data Protection Regulation and replaces the previous Data Protection. It was approved by the EU Parliament in 2016 and comes into effect on 25th May 2018. GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that individuals data is not processed without their knowledge and are only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals. Wally & Dolly Agency is committed to protecting the rights and freedoms of individuals with respect to the processing of children's, parents, visitors and staff personal data. The Data Protection Act gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly.

​

​

Data Protection

 

Wally & Dolly take all industry advised precautions to protect any and all submitted and stored data.  We accept no responsibility for loss of data caused by persons with malicious intent, computer attack or infection. 

 

Data Collection:

 

Personal identification information

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Site related activities.

 

Non-personal identification information

 

We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilised and other similar information.

 

Data Controller:

 

The Data controller is Wally & Dolly Agency Ltd

Wally & Dolly Head Office : Rebecca Jackson is the Data Protection Officer, and is contactable on

agency@wallyanddolly.com

07799803944

Unit 5 Watling Court , Ptarmigan Place, Nuneaton, CV116GX 

 

Purpose of Data collection:

 

Data is collected for a variety of purposes:

• Business Administration

• Monitoring marketing effectiveness.

• Facilitate a response to queries,

• Pre-entering data to office systems to expediate sign up processes.

• Improving our services and systems, as well as to allow us to provide requested services.

• To improve customer service
  Information you provide helps us respond to your customer service requests and support needs more efficiently.

• To process payments
  We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.

• Marketing: Use of images collected by Agency4kidz with express consent.

• To run a promotion, contest, survey or other Site feature
  To send Users information they agreed to receive about topics we think will be of interest to them.

• To send periodic emails
  We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their enquiries, questions, and/or other requests. If at any time the User would like to unsubscribe from receiving future emails the User may contact us via our Site.

 

Data Categorisation:

 

Personal – any data which could be used to personally identify an individual including; names, DOB, postal address, telephone/email, IP Address.

Personal & Special – Medical information

Non-personal – Browser name, the type of computer and technical information about Users means of connection to our Site as well as data which has been anonymised.

 

Basis for Processing

​

Consent

 

(Parental permission is required for data of children under the age of 16) (& Processing Special Data)

Contractual necessity Legitimate interests

Explicit consent is requested upon submission of sensitive, children’s data or special data during class enrolment. Consent is also required to send promotional material. Data requested during class sign-up or job application is needed in order to prepare and enter in to a contract. Non personal data collected automatically used for statistical research, direct response to queries.

   

Sharing your personal information

 

We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. Information may be handled by 3rd party Data Processors (Business Partners) on our behalf. Our business partners are

TAGMIN 

 

Business Partners must attest that they also comply with all current legislation and GDPR.

• No data sharing is done internationally

 

How we protect your information – Data Retention & Security

 

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.

Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.

Additionally:

• Personal Data will not be kept for longer than necessary for the purposes for which we are holding that data. 

• Personal Data stored online or offline is protected by password and encrypted.

• Data Transmission occurs only when necessary, only data required for the task is used, and transmission is conducted through SSL.

 

Third party websites

 

Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.

​

YOUR RIGHTS

​

Right to withdraw Consent:

The User has the right to withdraw consent at any time. This request must be submitted electronically to agency@wallyanddolly.com. The request will be also passed by Wally and Dolly Agency Ltd to any 3rd party data processors. Wally and Dolly Agency Ltd will remove or anonymise all stored data from all systems within 7 working days. Should the right to withdraw consent relate to use of images please include as much information & URL Links as possible in order to help with the request.

 

Right to complaint:

Should you believe Wally and Dolly Agency Ltd to have not acted in a fair, proper and safe manner regarding personal data you may submit a complaint the supervisory authority

​

You have the right to

• access to a copy of the information comprised of your personal data;

• object to processing that is likely to cause or is causing damage or distress;

• prevent processing for direct marketing;

• object to decisions being taken by automated means;

• (in certain circumstances) have inaccurate personal data rectified, blocked, erased or destroyed; and

• claim compensation for damages caused by a breach of the Act.

 

Changes to this privacy Notice

 

Wally and Dolly Ltd has the discretion to update this privacy policy at any time. When we do, we will post a notification on the main page of our Site, revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

​

Your acceptance of these terms

 

By using this Site, you signify your understanding of this policy. Express consent for use of special personal data is requested at point of submission. We do not store or track IP address’s with the exception of firewall blacklisting for security purposes.

 

Contacting us

 

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at:
Wally and Dolly Agency Ltd 

42 Turnberry Drive

Nuneaton

CV116TT

​

 

GDPR includes 7 rights for individuals

1) The right to be informed

Wally and Dolly  is registered with Tagmin and  is required to collect and manage certain data. The agency collects parent’s and or guardian's names, addresses, emergency telephone numbers and email addresses. We also collect children’s’ full names, addresses, date of birth along with any SEN requirements and are stored via a secure electronic system Tagmin.

 

This is in respect of our Health and Safety and Safeguarding Policies.

 Wally and Dolly Ltd   is required to hold data on its staff such as names, addresses, email addresses, telephone numbers and bank details. Information such as Disclosure and Barring Service checks (DBS), personal Public Liability insurance, First Aid Certificate's, Membership details and any qualification’s, chaperone licences. This information stored via a secure electronic system and paper  forms are stored in a secured filing cabinet at the School's office.

 

2) The right of access

At any point an individual can make a request relating to their data and Wally and Dolly will need to provide a response (within 1 month). The agency can refuse a request, if we have a lawful obligation to retain data but we will inform the individual of the reasons for the rejection. 

 

3) The right to erasure

You have the right to request the deletion of your data where there is no compelling reason for its continued use. Wally and Dolly  retain any records relating to  accident and injury records for 19 years (or until the child reaches 21 years), and 22 years (or until the child reaches 24 years) for Child Protection records. 

 

 

4) The right to restrict processing

Parents, visitors and staff can object to Wally and Dolly  processing their data. This means that records can be stored but must not be used in any way, for example  Newsletters, General Emails about  news and updates.

​

5) The right to data portability

. Wally and Dolly require's to provide data such as  DOB and birth certificate etc  to clients and councils for licences.. In this case recipients use secure file transfer systems and have their own policies and procedures in place in relation to GDPR.

 

6) The right to object

Parents, visitors and staff can object to their data being used for certain activities like marketing or research.

 

7) The right not to be subject to automated decision-making including profiling.

Automated decisions and profiling are used for marketing based organisations. Wally and Dolly Agency Ltd does not use personal data for such purposes.

 

This Policy was issued by the Principal Rebecca Jackson, owner of Wally and Dolly Agency  in May 2021