Please read our

Privacy Policy

Privacy Policy

1. Introduction

1.1 East Barnet School respects the privacy of our visitors and is committed to safeguarding your online safety by preserving your privacy at any time you visit or communicate with our site. Our Privacy Policy offers you a thorough explanation regarding the personal data you provide to us or any data we may collect from you whilst you are using our website.

1.2 For the purpose of the General Data Protection Regulation (GDPR) (EU) 2016/679, East Barnet School is the data controller. This policy will apply where we determine the purposes and means of processing personal data from our website visitors.

1.3 Our website incorporates specific opt-in privacy controls which affect how we will process your personal data in relation to marketing communications. You can unsubscribe from any marketing communication at any point.

1.4 We use cookies on our website. Where specific cookies are not necessary for the provision of our website, we will make you aware and ask for your consent when you first visit our website. Storage of cookies for all websites can also be controlled via your own browser settings. We will check cookie consent every 30 days.

1.5 Our website incorporates an external online shop where personal details are processed by a third party.

1.6 In this policy, “we”, “us” and “our” refer to East Barnet School.

1.7 This Privacy Policy is updated from time to time; therefore, it should be reviewed occasionally.

2. Collected Information

2.1 Data will be collected and processed during the operations of our website. The following are ways we may perform these actions:

2.2 We may process data about your use of our website (“usage data“). The usage data may include: your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your visits. The source of the usage data is Google Analytics. This usage data may be processed for the purposes of analysing the use of the website. We monitor this data to improve our website.

2.3 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“notification data“). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent – you may unsubscribe at any time.

2.4 We may process information contained in or relating to any communication that you send to us (“correspondence data” and “enquiry data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping.

2.5 We may process account data when accounts are set up (“account data“). The account data and service data may include your name, email address, telephone number, address and name of your child and form group. The source of the account data and service data is provided by you when using our website services. Inactive accounts may be kept for up to 12 months. The account data and service data may be processed for the purposes of operating our website, providing our services, and communicating with you.

2.6 We may process information relating to purchasing transactions, that you enter into with us through our website (“transaction data“). The transaction data may include your contact details. We do not collect or store any card or bank details on our website, as all transactions are processed through a third party, namely ParentPay. The transaction data may be processed for the purpose of supplying the purchased goods and keeping proper records of those transactions. We may keep all data relating to completed purchases for up to 12 months, cancelled orders for up to 60 days, failed and pending orders for up to 30 days.

2.7 We may process information that you post for publication on our website or through our services (“publication data“). The publication data may be processed for the purposes of enabling such publication and administering our website and services.

2.8 If for any reason you communicate with our staff or website, we may collect information.

2.9 In addition to the specific purposes for which we may process your personal data set out in Section 3, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another person.

3. Shared Information

3.1 We may disclose your personal data to third party service providers, namely MailChimp, insofar as reasonably necessary for the purposes of communication, set out in point 2.3.

3.2 We may disclose your personal data to third party service providers, namely Google, insofar as reasonably necessary for the monitoring and improvement of our website, set out in point 2.2.

3.3 Financial transactions performed as a referral from our website may be handled by our payment services providers, namely ParentPay. You can find information about the payment services providers’ privacy policies and practices at https://www.paypal.com/en/webapps/mpp/ua/privacy-full.

3.4 The hosting facilities for our website are situated in the EU, however, we may, in the future, use a hosting provider located outside of the EU. Transfers to any other country will be protected by appropriate safeguards that are expected in the General Data Protection Regulation (GDPR) (EU) 2016/679.

3.4 In addition to the specific shared personal data as outlined above, we may share your data with other third party service providers.

3.6 You acknowledge that personal data that you submit for publication through our website may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

4. Retaining and Deleting Personal Data

4.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

4.2 We will retain your personal data as follows:

(a) Mailing Lists will be retained for a continuous period of time, following the date of joining. You have the ability to unsubscribe from any communication via the most recent mailshot (found at the bottom of the email), or by contacting us at any time.

4.3 In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:

(a) the period of retention of contact form information (including, but not limited to: attendance data, Bromcom data, Skooler data, Finance data) will be determined based on the relevance of the information, and how it is processed within the school.

Notwithstanding the other provisions of this Section 6, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

5. Personal Data Storage

5.1 Locations outside the European Economic Area may be used for transferring data we collect about you. These data sites are for storing or processing of your information. The information we share outside the European Economic Area may be shared with staff based on the process and storage of said data. It may include such processes as processing a payment or offering support for your service or product needs. The staff processing or storing information may work for our suppliers outside the European Economic Area. By submitting your data to use you have agreed to this transfer and storage of data. We take all reasonable action to ensure the safety of your personal data in agreement with this Privacy Policy.

5.2 Information we are provided will be stored on secure servers. Transaction data is encrypted for your safety.

5.3 You should understand data via online transmission is not completely secure. We cannot guarantee full protection and security data, only that we take all reasonable action to protect information sent to us electronically. Transmission of any data by you is at your own risk. Where applicable you may be given access to sections of our site that require a password. You are responsible for the passwords safety and confidentiality.

6. Your Rights

6.1 Some of your rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

6.2 Your principal rights under data protection law are:

(a) the right to access;

(b) the right to rectification;

(c) the right to erasure;

(d) the right to restrict processing;

(e) the right to object to processing;

(f) the right to data portability;

(g) the right to complain to a supervisory authority; and

(h) the right to withdraw consent.

7. Information Accessibility

7.1 We cannot withhold data we collect about you, as per The Data Protection Act 1998. This act provides you with access to any information we may hold on you. If you wish to have access about our data collection on you please use the contact details below. This service may incur a fee. The fee covers our costs for processing your request and getting the data to you. Please use the contact details below to formulate your data access request.

8. Cookies

8.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

8.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

8.3 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

8.4 We use cookies for the following purposes:

(a) Authentication – we use cookies to identify you when you visit our website and as you navigate our website (cookies used for this purpose are: identify cookies);

(b) Analysis – we use cookies to help us to analyse the use and performance of our website and services (cookies used for this purpose are: identify cookies); and

(c) Cookie Consent – we use cookies to store your preferences in relation to the use of cookies more generally (cookies used for this purpose are: identify cookies).

8.5 Cookies used by our service providers:

(a) Our service providers use cookies and those cookies may be stored on your computer when you visit our website.

(b) We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

8.6 Managing cookies:

(a) Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: Chrome; Firefox; Opera; Internet Explorer; Safari; and Edge.

(b) Blocking all cookies will have a negative impact upon the usability of many websites.

(c) If you block cookies, you will not be able to use all the features on our website.

9. Third Party Links

9.1 Third party links may be discovered on our site. These third party links have their own privacy policy, which you agree to when you click on the link. We are not responsible, nor do we accept responsibility for third party links. Our liability covers us only on our site, and thus we do not accept liability for third party links as we have no control over them.

10. Amendments

10.1 We may update this policy from time to time by publishing a new version on our website.

10.2 You should check this page occasionally to ensure you are happy with any changes to this policy.

10.3 We may notify you of changes to this policy via a notification on our website.

11. Our Details

11.1 This website is owned and operated by East Barnet School.

11.2 We are registered Academy Trust and a charitable company limited by guarantee in England and Wales under registration number 07552702.

11.3 Our principal place of business is at Chestnut Grove, East Barnet, Hertfordshire EN4 8PU.

11.4 You can contact us:

(a) by post, to the postal address given above;

(b) using our website contact form;

(c) by telephone, on 020 8344 2100; or

(d) by email, using enquiries@eastbarnetschool.com.

12. Data Protection Officer

14.1 Our data protection officer can be contacted on the details above.

d
c