Smart Start Day Nursery

Data Privacy Policy

Smart Start Day Nursery will collect and process data concerning staff, parents, children and any other individual who comes into contact with the nursery.

The purposes of collecting and using this data vary. Smart Start Day Nursery is committed to protecting all individual’s right to privacy.

Smart Start Day Nursery is committed to complying fully with the requirement of the General Data Protection Regulation (GDPR). This policy outlines how Smart Start Day Nursery collects, manages and stores personal data in order to comply with the law. In alignment with this, Smart Start Day Nursery has processes in place to reduce the risk of any data breach.

This policy applies to;

  • All staff and volunteers employed by Smart Start Day Nursery
  • All contractors, suppliers and other people working on behalf of Smart Start Day Nursery

The data collected can include (not limited to):

  • Names of individuals
  • Postal & Email addresses
  • Telephone numbers
  • Photographs
  • Wage and salary information
  • Bank account details
  • Medical records
  • Date of births
  • Copies of identification
  • Curriculum Vitae’s (CVs)
  • Staff performance records
  • Disciplinary records
  • Accident and incident records


Data Collection & Storage

Smart Start Day Nursery will protect the rights and freedoms of personal data and be transparent in how it is collected, managed and stored. Smart Start Day Nursery will always collect relevant data for specified, legitimate purposes.

Smart Start Day Nursery stores data received through information given and consent agreed. Terms and conditions are read and agreed by the individual. This data is stored in hard copy in a secure office environment. Some data is stored and managed digitally via Famly (Nursery Management Cloud Software). By Agreeing to the Smart Start Day Nursery privacy policy you are also acknowledging Famly’s privacy policy and terms.


Data Retention

Smart Start Day Nursery will keep data for no longer than is required for the purposes it was collected. Smart Start Day Nursery will keep data as secure as possible to guard against unauthorised access and accidental loss or damage.


Staff Responsibilities

Smart Start Day Nursery members of staff have a responsibility to ensure that personal data is collected, stored, managed and disposed of appropriately.

  • Data should only be used for its original purpose.
  • Personal data must not be communicated to other persons or organisations unless required to do so by law.
  • Personal data should only be shared for a legitimate purpose once the identity of the individual and/or the organisation they are representing is confirmed.
  • To ensure personal data is kept secure, computers and tablets should have necessary security measures implemented.
  • Secure usernames and passwords are required to store digital data and should not be shared with outside parties.
  • Data should be regularly updated, reviewed and disposed of responsibly when necessary.
  • Smart Start Day Nursery will provide training to all employees to help them understand their responsibilities when handling data.
  • Data accessed through nursery management software should not be downloaded or saved to staff personal computers or hardware.
  • Employees should avoid leaving sensitive information out on display.
  • Documents containing personal data should be taken to a nursery or office to be placed in a confidential waste bin, burned or shredded, they should not be placed in general waste bin.


Sensitive Personal Data

Smart Start Day Nursery recognises that some sensitive personal data will be required as part of the application process for both staff and children in nursery. Please see below reasons for collection and the process of this.


Data collected

Reason for collection

Collection process

Childs health information

Emergency Use

Information given and consent agreed.

Employee Health information

Emergency Use

Information given and consent agreed.

Childs religion & ethnicity


Information given and consent agreed.


Smart Start Day Nursery only collects and stores sensitive personal data when explicit consent is given.


Criminal Convictions and Offences

Smart Start Day Nursery, as a childcare provider is required by law to review the history of employees in relation to historic criminal convictions and offences.

Data collected

Reason for collection

Collection process

Employee DBS check

Legal obligation – Safeguarding requirement

Information given and consent agreed – DBS check date recorded


Data Subject Rights

Personal data collected and stored by Smart Start Day Nursery remains the property of the individual. The individual providing the data retains the right to know what personal information is stored, where it is stored and managed, as well as the purpose. Smart Start Day Nursery can provide a copy of personal data if a subject access request (SAR) is submitted. Once a data request is submitted, this will be supplied within one month.

The subject of data has the right to be forgotten and can request for Smart Start Day Nursery to delete personal data. However, where required by law, data will be kept for the appropriate amount of time.

The data subject retains the right to update their personal data where required.

If you are unhappy with the handling of a SAR or have concerns with how Smart Start Day Nursery handle data, please let Smart Start Day Nursery management know immediately. If you are still unsatisfied, you have the right to contact the Information Commissioners Office and raise a concern with them. They can be contacted on: or 0303 123 1113.

Data Breaches

Should a member of staff become aware that a data breach has occurred, this must be reported to management immediately.


Child Protection Policy

Smart Start Day Nursery Ltd operates the following policy on its website regarding the use of photographs, to ensure the privacy and safety of children:

  1. Children will not be named
  2. Where a photograph is used which shows a child, no name will be displayed.

By observing these points, the nursery ensures that visitors to the website cannot link images of pupils to names of pupils.

The nursery follows a policy of seeking parents’ permission before using images which show children on the website.

No other private information about children is ever published on the website such as surnames or contact details.


Website Privacy Policy

We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.

(1) What information do we collect?

We may collect, store and use the following kinds of personal data:

  1. Information about your visits to and use of this website;
  2. Information about any transactions carried out between you and us on or in relation to this website;
  3. Information that you provide to us for the purpose of registering with us, and/or leaving guestbook comments, and/or subscribing to our website services and/or email notifications.

(2) Information about website visits

We may collect information about your computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. We may use this information in the administration of this website, to improve the website’s usability, and for marketing purposes.

We use cookies on this website. A cookie is a text file sent by a web server to a web browser and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

We may send a cookie which may be stored by your browser on your computer’s hard drive. We may use the information we obtain from the cookie in the administration of this website, to improve the website’s usability and for marketing purposes. We may also use that information to recognise your computer when you visit our website, and to personalise our website for you.

Most browsers allow you to refuse cookies. (For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector.) This will, however, have a negative impact upon the usability of many websites.

(3) Using your personal data

Personal data submitted to this website will be used for the purposes specified in this privacy policy or in relevant parts of the website. In addition to the uses identified elsewhere in this privacy policy, we may use your personal information to:

  1. Improve your browsing experience by personalising the website;
  2. Provide other organisations with statistical information about our users – but this information will not be used to identify any individual user.

We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.

(4) Other disclosures

In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this privacy policy, we may disclose information about you:

  1. To the extent that we are required to do so by law;
  2. In connection with any legal proceedings or prospective legal proceedings;
  3. In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
  4. Except as provided in this privacy policy, we will not provide your information to third parties.

(5) Security of your personal data

We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

(6) Policy amendments

We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.

(7) Third party websites

The website contains links to other websites. We are not responsible for the privacy policies of third party websites.

(8) Our contact details

Please see here for our contact details.

Website Disclaimer

(1) Introduction

This disclaimer governs your use of our website; by using our website, you accept this disclaimer in full. If you disagree with any part of this disclaimer, do not use our website.

(2) Intellectual property rights

Unless otherwise stated, we or our licensors own the intellectual property rights in the website and material on the website. Subject to the licence below, all our intellectual property rights are reserved.

(3) Licence to use website

You may view, download for caching purposes only, and print pages from the website, provided that:

  1. You must not republish material from this website (including republication on another website), or reproduce or store material from this website in any public or private electronic retrieval system;
  2. You must not reproduce, duplicate, copy, sell, resell, visit, or otherwise exploit our website or material on our website for a commercial purpose, without our express written consent.

(4) Limitations of liability

The information on this website is provided free-of-charge, and you acknowledge that it would be unreasonable to hold us liable in respect of this website and the information on this website.

Whilst we endeavour to ensure that the information on this website is correct, we do not warrant its completeness or accuracy; nor do we not commit to ensuring that the website remains available or that the material on this website is kept up-to-date.

To the maximum extent permitted by applicable law we exclude all representations, warranties and conditions (including, without limitation, the conditions implied by law of satisfactory quality, fitness for purpose and the use of reasonable care and skill).

Our liability is limited and excluded to the maximum extent permitted under applicable law. We will not be liable for any direct, indirect or consequential loss or damage arising under this disclaimer or in connection with our website, whether arising in tort, contract, or otherwise – including, without limitation, any loss of profit, contracts, business, goodwill, reputation, data, income, revenue or anticipated savings.

However, nothing in this disclaimer shall exclude or limit our liability for fraud, for death or personal injury caused by our negligence, or for any other liability which cannot be excluded or limited under applicable law.

(5) Variation

We may revise this disclaimer from time-to-time. Please check this page regularly to ensure you are familiar with the current version.

(6) Entire agreement

This disclaimer constitutes the entire agreement between you and us in relation to your use of our website, and supersedes all previous agreements in respect of your use of this website.

(7) Law and jurisdiction

This notice will be governed by and construed in accordance with English law, and any disputes relating to this notice shall be subject to the exclusive jurisdiction of the courts of England.

(8) Our contact details

Please see our Contact Page for our contact details.




Page Updated 25th May 2018