Privacy Notice – Pink Academy

Pink Academy is committed to protecting the privacy and personal data of learners, parents/carers, staff, visitors and partners. This Privacy Notice explains how we collect, use, store and protect personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who we are

Organisation name: Pink Academy
Contact email: thepinkacademy356@yahoo.com
Safeguarding contact: joanneshillito@yahoo.co.uk

Pink Academy is the data controller for the personal data we process.

What information we collect

We may collect and process the following types of personal data where necessary:

  • Names, contact details and emergency contact information

  • Learner information, including age and course details

  • Attendance, progress and support information

  • Safeguarding and wellbeing information (where required)

  • Staff and contractor information for employment and safeguarding purposes

  • Communications sent to us by email, phone or in writing

How we use personal data

Personal data is used only where necessary to:

  • Deliver education and training services

  • Safeguard children, young people and adults at risk

  • Monitor attendance, progress and wellbeing

  • Communicate with learners, parents/carers and partners

  • Meet legal, safeguarding and contractual obligations

  • Manage complaints, feedback and quality assurance

We only process personal data where we have a lawful basis to do so.

Lawful basis for processing

We process personal data under one or more of the following lawful bases:

  • Legal obligation

  • Public task

  • Legitimate interests

  • Consent (where required)

Where consent is used, it is freely given, informed and recorded, and can be withdrawn at any time.

How we store and protect data

Personal data is stored securely in both electronic and paper formats:

  • Electronic data is held on password-protected systems with restricted access

  • Paper records are stored in locked cabinets within secure premises

  • Access is limited to authorised staff only

Appropriate technical and organisational measures are in place to prevent unauthorised access, loss or misuse of personal data.

Data sharing

We only share personal data where necessary and appropriate, including with:

  • Local authorities and commissioners

  • Safeguarding agencies where required by law

  • Awarding bodies or regulators

  • Professional advisers where legally required

We do not sell personal data and do not share it unnecessarily.

Data retention

Personal data is retained only for as long as necessary, in line with legal, safeguarding and contractual requirements. Data is securely disposed of when no longer required.

International transfers

Personal data is not transferred outside the UK or European Economic Area unless appropriate safeguards are in place.

Your rights

Under data protection law, individuals have the right to:

  • Access their personal data

  • Request correction of inaccurate data

  • Request erasure of data (where applicable)

  • Restrict or object to processing

  • Request data portability

Requests can be made by contacting us using the details above.

Complaints

If you have concerns about how your data is handled, you can contact us directly. You also have the right to complain to the Information Commissioner’s Office (ICO):

Website: www.ico.org.uk
Telephone: 0303 123 1113

Review of this notice

This Privacy Notice is reviewed regularly and updated as required to ensure continued compliance with data protection legislation.