Privacy Policy
Who we are
CoderDojo KU is a club operated by Kingston Coding for Kids CIO, a charity registered in England and Wales (No. 1208175), whose registered address is 82a James Carter Road, Mildenhall, IP28 7DE ("we, "us" or "our"). We are committed to protecting and respecting your privacy.
We organise events to enable young people to learn coding and we may also advertise similar events organised and/or hosted by other Dojos (“Services”). This privacy policy sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in relation to the Services. Please read the following carefully to understand how we will use your personal data.
For the purpose of data protection legislation in the UK, we are the controller of personal data.
The categories and source of personal data we process, and our purposes for doing so
We process the following categories of personal data for the following purposes:
-
Event Registrations: Information that you provide to us when registering to attend an event organised by us (“Event”) includes your name and email address (“Event Registration Information”). You may also provide us with your child’s gender indirectly by registering to attend a female-only Events, and we store this data in line with our data retention policy set out below. We need your Event Registration Information to administer requests by you to attend events organised by us and your participation at such events and to communicate with you should we need to about your attendance at such events, and we have a legitimate interest to process this personal data for the purposes of providing the Services to you.
-
Direct Marketing: We may also use your Event Registration Information to send direct marketing to you to keep you informed of events, programmes and online materials made available from us and by the wider CoderDojo movement from time to time (which is a network of Dojos offering coding clubs and coding-related products and services) where we are legally permitted to do so or where you have consented to receiving direct marketing from us. Where we process your information for direct marketing, we are relying on your consent as a means to process your information where legally required to do so.
-
Event Photographs and Video Footage: We may take photographs and/or video footage of those attending one of the Events. We do this to promote us, the Dojos and the Events. We will only take photographs and/or video footage containing your image if we have your consent, which we seek to obtain from you when you register to attend the Event. In these circumstances, we are relying on your consent as a means to process your information where legally required to do so.
-
Correspondence: If you contact us, we may keep a record of this correspondence for the purposes of processing any request, comment or complaint that we may receive from you. We have a legitimate interest to process this personal data in order to respond to such request, comment or complaint.
-
Website Access and Cookies: We use “cookies” to allow parts of the site to operate. We cannot identify individual devices or individuals from this information. A cookie is a piece of information that is stored on your computer’s hard drive and which records your navigation of a website. You can normally alter the settings of your browser to prevent acceptance of cookies. If you do not want us to deploy cookies in your browser, you can set your browser to reject cookies or to notify you when a web site tries to put a cookie on your computer. However, rejecting cookies may affect your ability to use some of the functionality of our website. We will not set cookies on your browser that are not strictly necessary for the operation of the website, without obtaining your prior consent.
We are required to comply with certain legal and regulatory requirements when providing our Services and we may process personal data in order to comply with those requirements, which may include reporting and monitoring obligations. We may process your personal data where necessary to comply with such legal or regulatory obligations, to which we or regulators or law enforcement agencies are subject.
Who we may share personal data with (recipients or categories of recipients of the personal data)
We do not sell mailing lists to third parties for their marketing purposes.
Where required or permitted by law, information may be provided to others, such as regulators and law enforcement agencies.
To provide our Services we may use third parties, including a third party providing our event booking facility, a third party provider of a marketing platform that we use for direct marketing and informing you about the Events, and a third party cloud services provider to store our mailing list and any other information you may provide to us. In order to be able to offer our Services to you, these third parties will have temporary or permanent access to your personal data. As a result of data protection legislation in the UK, if these third parties want to process your personal data beyond what we require, these third parties are required to seek your consent to do so. If you share your personal data with third parties directly, it is likely that your personal data will be subject to their privacy policy. We encourage you to read the terms of their privacy policy carefully.
Cross border transfers of personal data
We will not transfer your personal data outside of the UK, except to our third parties that we have instructed to help us provide the Services to you, including in particular that we use our Google drive account to store your data, which may be in any one of its geographically distributed data centres as part of its cloud platform. In the case of these transfers, we will use reasonable efforts to put in place appropriate safeguards to cover transfers of your personal data including, for example, signing standard contractual clauses/data protection clauses adopted by the European Commission, or where applicable, relying on a Privacy Shield certification where the transfer contains a US entity. Please click here for a link to the standard contractual/data protection clauses and click here for more information about the Privacy Shield for US companies.
If there are any other circumstances which would require us to transfer your personal data outside of the UK, we will seek your consent to transfer your personal data outside of the UK. In the event of such a transfer, where applicable, we will put appropriate safeguards in place to cover transfers of your personal data including, for example, signing standard contractual clauses/data protection clauses adopted by the European Commission, or where applicable, relying on a Privacy Shield certification where the transfer contains a US entity.
The period for which the personal data will be stored or the criteria used to determine that period
We store personal data in line with legal, regulatory and best-practice requirements.
We keep your personal data, including information and correspondence collected by us or provided to us for a period of 6 months after you register to join our email list or after you attend one of our Events.
Your rights
As a result of us processing your information, you have a right to:
-
to access personal data held about you;•
-
to request us to make any changes to your personal data if it is inaccurate or incomplete;
-
to request your personal data is erased where we do not have a compelling reason to continue to process such data in certain circumstances;
-
to receive your personal data provided to us as a data controller in a structured, commonly used and machine-readable format where our processing of the data is based on: (i) your consent; (ii) our necessity for performance of a contract to which you are a party to; or (iii) steps taken at your request prior to entering into a contract with us and the processing is carried out by automated means;
-
to object to, or restrict, our processing of your personal data in certain circumstances;
-
to object to, and not be subject to a decision which is based solely on, automated processing (including profiling), which produces legal effects or could significantly affect you; and
-
to lodge a complaint with a data protection supervisory body, which at present, is the Information Commissioner’s Office
To exercise any of your rights set out above, including to withdraw your consent where we have stated we are processing your personal data based on your consent, please contact us.
Contact us
If you have any questions or concerns about this privacy policy or your personal data, please contact us.
Updates to this privacy policy
This privacy policy was last updated in August 2024. Any changes we may make to this privacy policy in the future will be made available to you on this page and, where appropriate, notified by email. Please check back regularly to keep informed of updates or changes to this privacy policy.