La Petite French School Data Protection Policy
Maintaining your privacy and your trust is very important. We strive to be especially clear on how we use your personal information if and when we collect it, and on the ways in which we can work together to protect your privacy.
The General Data Protection Regulation (also known as Regulation (EU) 2016/679 or “GDPR”) and the Data Protection Legislation of EU Member States enshrining the GDPR into local legislation.
– Identity and contact information of the data controller
– Legitimate interests of the data controller or third party (if applicable)
– Purpose of the processing and the lawful basis for the processing
– Categories of personal data to be processed
– Details of whether personal data came from direct or indirect sources
– Recipients or categories of recipients of the personal data
– Details of data transfers to a third country and safeguards
– Length of time personal data is processed and any criteria used to establish the length of time the data is processed
– Data Subject’s Rights (Your rights)
– Right to complain to the supervisory authority/regulator
– Details of any part of a statutory or contractual requirement and possible consequences of failing to provide the personal data
– The existence of any automated decision making, including profiling and information about how decisions are made
What products and services are covered by this policy?
For the purposes of the data protection & privacy legislation the Data Controller is:-
(“I”,”we,” “us,” “our”)
La Petite French School
La Petite French School®
Purpose and legitimate interest | How do we use the information we collect?
We may use the information we collect for a variety of purposes, including to:
– Make our Services work for you;
– Provide, operate, maintain, improve, personalise, and promote our Services;
– Develop new products, services, features, and functionality;
– Process and complete transactions, and send you related information, including purchase confirmations and invoices;
– Communicate with you, including responding to your comments, questions, and requests; providing customer service and support;
– Providing you with information about services, transmitting technical notices, updates, security alerts, administrative messages, or advertising or marketing messages;
– Providing other news or information about us;
– Monitor and analyse trends, usage, and activities in connection with our Services;
– Investigate and prevent fraudulent transactions, unauthorised access to our Services and other illegal activities.
Lawful Basis of Processing
How do we get your consent for collecting and storing your information?
– We only process personal data on the basis that such processing is necessary in order to enter into or perform a contract for our service(s) and/or;
– Processing is necessary for compliance with a legal obligation to which the controller is subject and/or;
– Personal data is only processed on the basis we have a legitimate interest which is not overridden by the rights or freedoms of the affected data subjects or;
– Personal data is only processed on the basis that the data subject has consented to such processing.
Categories of personal data and Sources
What information do we collect from you, and how is it used?
You can visit our website without telling us who you are and without revealing any personal information about yourself. To provide full service however, we will most often need to collect some personal information. For instance, we collect information about you when you request information or register. The types of Information we collect may include email address, country of residence, your name, your child’s name, your child’s date of birth and postal address and phone number.
We do process sensitive / special categories of customer’s personal data which include your child’s date of birth. This is to ensure that we are offering the appropriate course and safeguards for your child. Due to the nature of our business we do process personal data of data subjects under the age of consent (children), this with the knowledge of you their parent or guardian.
We may collect “cookie” information that we may save to your computer or mobile device. Cookies are small data files stored on your hard drive or in device memory.
We may record certain information and store it in log files when you interact with our Services. This information may include Internet protocol (IP) or other device addresses or ID numbers as well as browser type, Internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, your mobile carrier, and system configuration information.
We and our analytics providers also collect and store analytics information when you use our Services to help us improve our Services. We make sure this data is anonymous by not connecting any analytics data to personally identifiable data such as a name, email address, physical address, or phone number.
Interactions with our organisation
We may record information from telephone calls, emails, classes and meetings.
How we share information?
We are not in the business of selling your personal information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your personal information with third party data processors, as set forth below:
With your consent:
We will not share your personal information with companies, organisations, or individuals who are not associated with us unless we have your affirmative consent to do so.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights: We may disclose your information (including your personal information) to a third party if:
– We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request
– To protect the security or integrity of our products and services
– To protect our property, rights, and safety and that of our customers or the public from harm or illegal activities
– To respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person;
– To investigate and defend ourselves against any third-party claims or allegations.
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will notify you of such a change in ownership or transfer of assets by posting a notice on our website.
We do not transfer customer data globally including outside the European Union.
How long will we keep the personal data?
Retaining some data may be subject to a statutory retention period and this must be adhered to, (to keep certain data for a minimum period of time). This may include personal data (name, address, contact details), but on expiry of such statutory requirement, such data will be destroyed securely. Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
Statutory or other requirements
The data controller does not process personal data in respect of any statutory requirement, nor require personal data to be supplied as part of any contractual agreement, however in respect of the controller’s services, certain communications may not be possible without such personal data being supplied.
Profiling and Automated Decision Making
Profiling or automatic decision making processes maybe undertaken. This includes the use of profiling for marketing automation, and for the use of online advertising.
Your rights: Your fundamental rights as a Data Subject are:
1. The right to be informed
2. The right of access
3. The right of rectification
4. The right of erasure (often known as the right to be forgotten)
5. The right to prevent processing
6. The right to data portability
7. The right to object
8. Rights in relation to automatic decision making and profiling
Under the right of access (2), you have the right to obtain:-
– Confirmation that your data is being processed
– Access to your personal data; and
– Other supplementary information
So that you are aware of and can verify the lawfulness of the processing. Your right to access can be exercised by contacting the data controller as above. Please note that not all fundamental rights are absolute.
You’re right to complain to the supervisory authority/regulator
You have the right to complain about organisations processing your personal data. You can exercise this right by contacting the supervisory authority of the data controller as follows:-
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate) or +44 1625 545 745 if you prefer to use a national rate number