On 25 May 2018 the General Data Protection Regulation (EU) 2016/679 (GDPR) came into force in the UK. The GDPR is a regulation under EU law on data protection, which sets out a comprehensive framework relating to the processing (i.e. collection, use storage and disclosure) of personal data within the European Union. The regulation is intended to harmonise the EU’s policies on data protection; transform the way in which personal data is collected, shared and used globally, and strengthen the safety and security of the way in which personal data is stored within an organisation. The regulations are based on the idea that personal data is the fundamental right of individuals. With certain exceptions, the GDPR is applicable to the majority of data processing within the EU. Within the UK, the GDPR operates alongside the Data Protection Act 2018 (DPA 2018).
The GDPR is considered the most significant data protection legislation of the last 20 years. There is a vast amount of information about the regulations available online. The Information Commissioner's Office (ICO) provides a good starting point with its Overview of GDPR.
We only hold minimal and relevant child and parent data for administrative and assessment purposes. Only data that has been volunteered by individuals, parents or guardians is held. This is the data that you volunteer when you book a session or activity.
We store the following data ..
Data is held in encrypted and password protected form and is only accessible to the microGeeks Team
You can request a copy of your data or request it is amended or deleted at any time.
Your data will never be shared with any individual, organisation, business or agency outside microGeeks, except in the case of a criminal prosecution when data may be shared.
Child and parent data is not shared with other children and parents without the explicit permission of the child or parent who's data is to be shared.
We comply with GDPR in a number of ways:
● Cloud hosted - We are fully hosted in the cloud in servers.
● No third parties – We do not share personal data with third parties.
● Permanent deletion of data – All users can make access requests by contacting email@example.com