privacy policy

Bourne to Achieve is committed to protecting the rights of individuals in relation to the data held about them – adults and children.

GDPR stands for General Data Protection Regulation. This was approved by the EU and replaces the previous directives for Data Protection. It came into effect on 25th May 2018.

GDPR states that personal data should be ‘processed fairly & lawfully’ and ‘collected for specified, explicit and legitimate purposes’ and that individuals’ data is not processed without their knowledge and are only processed with their ‘explicit’ consent. GDPR covers personal data relating to individuals.

What data is collected?

Contact details

When you contact me in relation to teaching, tutoring or coaching your name, contact details and reason for requesting tuition are noted, as well as any additional information that is offered of school, school year, age of child, interests.

If you don’t go ahead with any sessions, these details are then securely shredded.

Tuition Notes

When you or your child becomes a tutee this data will then include notes of learning needs, lesson content, homework set, progress checks.

How is your data used?

Your contact details are used to book or amend lesson times, send and receive work, send newsletters and questionnaires, and other tutoring matters.

I would also use them to send out birthday or good luck wishes as appropriate.

Once you or your child finishes working with me and is no longer a tutee, texts and emails are likely to be more social, such as finding out how you are doing. They may also contain information about services I am offering. I will need your consent for this.

Tuition Notes are kept in individual folders as evidence of progressive, reflective learning and are used to plan and record lesson details, so we know what has been covered and when.

Is your data shared?

No! I will never share your data with a third party unless express permission is given by you in writing (letter or email). You might ask for a reference for example.

How is your data stored?

Contact details such as mobile number, home phone and email addresses are stored on my mobile phone and email system. Both my phone and laptop are password protected.

Active tuition files, when not being used in a lesson, are stored securely where no-one but myself has access to them.

Once an adult tutee has completed their study with me, the information is stored for 6 years in a locked filing cabinet.

For children, this data is stored until they are 21 years old. See retention periods below. It is then securely shredded.

Your rights

Under the GDPR 2018, you have seven rights called ‘Individual Rights’.

Written simply, these are:

  • The right to know what data is held about you or your child.
  • The right to see it, amend it, or have it deleted.
  • The right to object or limit the processing (use) of it.
  • The right to receive an electronic copy of it if requested.
  • The right not to be included in automatic decisions and profiling.

Bourne to Achieve does not use any data for profiling.

Legal reasons to process (use) your data

There are two legal bases relating to why I collect and use data:

a) Consent: you have given clear consent for me to process (use) personal data for a specific purpose e.g. to stay in touch with you once tutoring has finished.

b) Contract: the processing is necessary for a contract you have with me, or because you have asked me to take specific steps before entering into a contract e.g. you have asked me to tutor you or your child.

This means:

For FORMER tutees, I need consent to continue to stay in touch. You can opt out of this consent at any future time.

For CURRENT tutees, you have asked me to teach you or your child. I need to use this data to deliver appropriate, high quality and effective teaching. e.g. I cannot teach someone if I don’t know their learning needs.

At whatever point the tutoring ends, I would need to request your consent for using your contact details and I would send out a separate email regarding this.

I need to keep secure, password protected records of who has consented and on what legal base and update it when that changes.

GDPR means that Bourne to Achieve must;

  • Manage and process personal data properly
  • Protect the individual’s rights to privacy
  • Provide an individual with access to all personal information held on them if requested.

Final word

This information is designed to help you understand how your data is collected, used and stored securely. I trust that you feel re-assured by the systems in place. Please contact me if you wish to discuss this further.

Bourne to Achieve Privacy Notice April 2019

Let's achieve together

© Bourne to Achieve 2020

Helen Diplock Web Alchemy

07790 404470

Privacy Policy