Legal Information Notice - GDPR

                GENERAL DATA PROTECTION REGULATION (GDPR) from 25th May 2018

I am a fully qualified dance teacher and children’s party entertainer and acknowledge that I am no expert in Data protection. However, I have a responsibility under the new GDPR – which replaces the old Data Protection Act – to advise you of how I deal with personal data.

The GDPR requires that I let you know what personal data I hold (electronically) and what I do with that data, who it is shared with and ask whether you are happy that I have that information and share it with those people.

Here at Pirouette Parties, I hold very little personal data and much of that is not electronically stored.

The data that I do hold is the information (name and age/birth date, home address) that is kept on booking forms for information of the relevant party/event. I keep a copy of the booking form in hard copy. Any emails that are written personally to you are also retained electronically.

The information that you give me when booking a party/event is all that I have on record, so this would be :-

Your first and surname, Email address, phone number for emergencies, child’s name, child’s D.O.B, home postcode, Age of child on their birthday.

When I request the original data from you, you are aware that it is Pirouette Parties that requires the information and is partially for the safe-guarding of your chid.

You have the following rights under this regulation 

  1. the right to be informed (of any changes we feel it is necessary to make) 
  2. the right of access (to individual, relevant data that I hold)
  3. the right of rectification (to change what is no longer correct)
  4. the right to erasure (where you request information to be erased, or deleted, this will be done.)
  5. the right to data portability (the moving of data from data-base to data-base within my control)
  6. the right to object (to data that I request or other notification from me regarding changes)
  7. the right not to be subject to automated decision-making – including profiling (I do not do this)

When I have finished the birthday party, Hen Do party/event, after a period of around 12 months, that data may be deleted from any records that I hold, simply by using the ‘DELETE’ function of the computer. The storage of the data is normally in Word, Excel or other word – processing, commonly-used format. 

There will be no charge for any of these services by myself.

Children, at this time, are considered young persons under the age of 16. This is liable to change to 13 in the UK at some time in the future and the young person will be responsible and able to make these requests themselves. No data will be given to anyone who cannot demonstrate that they have a legal right to that data – i.e. – proof of ‘parental responsibility’.

A period of 1 month is required for us to respond to any request under this regulation.

Data Breaches

My system is covered via the normal computer protections for a computer – passwords, virus and firewall-protection, etc.

Due to the minimal amount of data that I hold, I believe that there is little risk to the rights and freedoms (resulting in discrimination, damage to reputation, financial loss, loss of confidentiality or other significant economic or social disadvantage) of individuals in the case of any data-breach and therefore specific detection systems for identifying such a breach will not be put in place. Should anyone have a problem with this, we will happily remove any relevant data from my system and a hard-copy will be retained.

Pirouette Parties does not operate internationally and therefore the ongoing activities of the Article 29 Working Party (which deals in cross-border data processing) will not be considered.

Thank you

Mrs Charlotte Griffiths, Owner of Pirouette Parties 

  Pirouette Parties