What type of information do we collect?
We receive, collect and store any information that you enter on our website or provide to us in another way (such as, putting your details on a sign up form at an event). This can include:
Personal details like names, addresses, email addresses and telephone numbers.
Personal details on your children who are at the school (only if needed for a specific reason, and in as limited form as possible).
Transactional sales data (for example, the number of items you have bought through our website, but not payment data – see below).
Consent from parents/guardians for the collection and use of photos and videos in our promotional materials,
Photographs or videos (e.g. taken at events, that we have had consent to collect).
We do not collect or hold individual payment data. We use third party applications to process electronic payments on our website; Stripe and PayPal. Both of these securely collect customers payment data in accordance with the standards set by PCI-DSS as managed by the PCI Security Standards Council, a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information. We are not able to access any individual payment data on the Stripe or PayPal platforms.
How do we collect this information?
We primarily collect this information electronically; for example, when you sign up to our website or process a transaction such as buy a ticket to one of our events or a piece of 2nd hand uniform. We may collect it from you in person at events, for example through our PTA sign up sheets at welcome events. Photographs/videos taken at events will be taken by the dedicated DBS cleared PTA Photographer, saved onto two PTA SD cards and securely processed, in accordance to the Agreement they sign with us. Your personal information will only be used for the stated reasons in this policy.
We use the data to:
Contact site members and users about new events.
Contact ticket holders about events they have bought tickets for, e.g. sending reminders before an event.
Run PTA events e.g. compile attendee and emergency contact detail lists which, for some events, we will share with the Event Organisers (who are normally PTA Committee Members or Teaching Staff).
Fulfill the orders you place on our website, for example, for 2nd hand uniform or other items.
- Meet our regulatory and legal requirements, for example, accounting purposes or regulatory reporting such as to the Charities Commission.
Ensure that any photo and video data is collected, managed and used legally and appropriately, always subject to parental consent and in accordance with child protection laws.
Consent to use of images of children: Where photographs/videos are taken of children during/at PTA events and you have consented to their use by the PTA, these images will be used by the PTA to share news about our events, publicise current and future events, and communicate to Parents/carers about the work of the PTA. Images may be published on our website, Facebook and Instagram pages, in communications to parents (such as the school’s newsletter and new parent pack) or printed material (for example, in the Summer Fete brochure). Some of these uses will mean that the images become publicly available material and when published on Facebook and Instagram the images will be subject to the privacy policies of those sites. The original data (e.g. photo or video) will be stored securely and deleted when no longer needed for these stated purposes.
Our legal basis for using this data
We only collect and use personal data when the law allows us to. Most commonly, we process it:
to fulfill a transaction (for example, if you buy a ticket for an event or purchase an item in our shop, you are giving us consent to process your data relevant to that contract),
where we have obtained consent to use it in a certain way (for example, for taking photographs at an event which might feature your family or where you've given us consent to share your address with a Sponsor to feature an estate agents board outside your house). You may withdraw your consent at any time, see below for how to do this.
Some of the reasons listed above for collecting and using personal data overlap, and there may be several grounds which justify our use of this data.
How we store this data:
Data will only be kept for as long as the PTA has a legal basis to hold it or as required by regulation.
If you have any questions about this policy, if you do not want us to process your data anymore, if you would like to see a copy of the information we hold on you or to change any of the data or consents previously provided (including it's deletion/withdrawal), please contact us at firstname.lastname@example.org.
To make a formal complaint about the PTA's information rights practices, you can contact the Information Commissioner's Office.