Wigmore Under Fives Preschool

Privacy Policy, GDPR (General Data Protection Regulations)

Who we are

Our website address is: https://wigmoreunderfivespreschool.co.uk.

How we use pupil information

We collect and hold personal information relating to our children and may also receive information about them from their previous setting (if applicable), local authority and/or the Department for Education (DfE). We use this personal data to:

  • support our pupils’ learning
  • monitor and report on their progress (Local Authority Tracking System & Tapestry on-line)
  • provide appropriate pastoral care; and
  • assess the quality of our services

This information will include their contact details, national curriculum assessment results, attendance information, any exclusion information, where they go after they leave us and personal characteristics such as their ethnic group, any special educational needs they may have as well as relevant medical information.

We will not give information about our pupils to anyone without consent unless the law and our policies allow us to do so. 

We are required, by law, to pass certain information about our pupils to our local authority (LA) and the Department for Education (DfE).

DfE may also share pupil level personal data that we supply to them, with third parties. This will only take place where legislation allows it to do so and it is in compliance with GDPR.

Decisions on whether DfE releases this personal data to third parties are subject to a robust approval process and are based on a detailed assessment of who is requesting the data, the purpose for which it is required, the level and sensitivity of data requested and the arrangements in place to store and handle the data. To be granted access to pupil level data, requestors must comply with strict terms and conditions covering the confidentiality and handling of data, security arrangements and retention and use of the data.

For more information on how this sharing process works, please visit: https://www.gov.uk/guidance/national-pupil-database-apply-for-a-data-extract

For information on which third party organisations (and for which project) pupil level data has been provided to, please visit: https://www.gov.uk/government/publications/national-pupil-database-requests-received

Information Sharing

Wigmore Under Fives have signed up to “Luton Borough Council and Luton Schools Early Years and Education Services Information Sharing Agreement”. This is to facilitate sharing of personal and sensitive (special category) data between Luton Borough Council and Luton Schools. Data will be shared primarily via the Council’s IT system for Education called Early Years and Education Services (EYES). The information will be used as per current purposes to assess / support / provide statutory services / early help and intervention. The deployment of the EYES module within Liquidlogic will provide a single platform for Early Help, Social Care and Education Services enabling a ‘one family one view’ integrated platform.

Organisations include:

  • Luton Borough Council (including Social Care, Early Years Team, Special Educational Needs Team, Family Partnership Team)
  • Schools and Ofsted registered Early Years providers
  • The local Children’s Centre
  • Health Service (including Health Visitor, GP, Consultant, Speech and Language support services)
  • Police
  • Multi Agency Risk Assessment Conference

Our Information Sharing Policy sets out our responsibility regarding gaining consent to share information and when it may not be sought or overridden. Policies can be read online on our pre-school web page. 

Legal Framework for Information Exchange

The following key documents provide the main framework for information sharing:

  • GDPR & Data Protection Act 2018 – The main legislative framework for confidentiality and information sharing issues. The legislation stipulates the principles that must be followed when personal or special category data is processed by organisations. The legislation stipulates the conditions under which information may be shared.
  • Human Rights Act 1998 – This Act incorporates Article 8 of the European Convention of Human Rights which provides that everyone has the right to respect for their private and family life, home and correspondence.
  • Children Act 1989 & 2004 -The Acts stipulate requirements to safeguard and promote children’s welfare, along with agencies working together to enable this.
  • Working Together to Safeguard Children 2018 – statutory guidance setting out what organisations and agencies that have functions relating to children, must and should do to safeguard and promote the welfare of all children and young people under the age of 18 in England.
  • Keeping Children Safe in Education 2021 – The guidance sets out what schools and colleges in England must do to safeguard and promote the welfare of children and young people under the age of 18.


To comply with GDPR, we will only use personal information in relation to our childcare service.  We send information about our pre-school by email/phone/other, after gaining permission to do so.  We keep your information so you can receive important updates about our pre-school.  We will keep information secure and will never share it except if required to do so by law

Please be aware that all safeguarding concerns around safety and welfare of a child will be shared with or without consent when it is:

  • To prevent a crime being committed or intervene where one may have been or to prevent harm to a child or adult; or
  • Not sharing information could be worse than the outcome of having shared it
  • Where there is evidence that the child is suffering or is at risk of suffering significant harm.
  • To prevent significant harm arising to children and young people or serious harm to adults, including the prevention, detection and prosecution of serious crime.


All parents will be requested to provide written permission to allow their child to be photographed during an event/play by other parents. All photographs of the children will be taken on the settings kindles and are solely for the purpose of adding observations of the children’s learning and development to our (Tapestry) programme. Notification is necessary if Early Years Settings are processing personal information. This includes taking photographs of the children using a digital camera. Further information on data protection as well as details on how to notify can be found at: https://ico.org.uk/(3.70 EYFS) Please note that although notification is mandatory in most cases the data protection guidance within this document is ‘recommended guidance’ and settings must take individual responsibility for their own data protection issues in accordance with the General Data Protection Act 2018 (3.69 EYFS)

Contact forms

Contact forms used in this website will capture personal data when someone submits a form, such as name, address, email, and phone number. The contact form submissions are kept for a period of time and are not used for marketing purposes.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Spam and Data counting Services

Source: Akismet

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

Source: StatCounter.com respects the privacy and rights of its visitors. No effort is made to identify individuals without their knowledge.

Data retention period and Data destruction

Data is only retained for the time during which it may be legitimately needed. When no longer needed, data is destroyed in a manner that does not allow it to be recovered.