Skip to main content

Friends Of Pre-Prep School (FOPPS) GDPR Policy

1. Introduction

This policy sets out how we collect, process and hold your personal when you visit our event ticket shop or otherwise provide personal data to us. We are Friends Of Pre-Prep School (FOPPS) of Wakefield Pre-Preparatory School, Margaret Street, Wakefield, WF1 2DG. FOPPS has the express purpose of supporting and fundraising for Wakefield Pre-Preparatory School (the School). The collection of data by FOPPS is separate from the School and Wakefield Grammar School Foundation (WGSF). We are the data controller of your personal data supplied to us. If you have any questions about our privacy notice, then please contact [email protected]


2. Why are we collecting the data.

The aim of this Privacy Notice is to be transparent and to provide accessible information about how FOPPS will use personal data as defined in the 1998 Data Protection Act and the 2018 EU General Data Protection Regular (GDPR).

The aim of FOPPS is to raise money for the School by organising fundraising events and also to keep parents abreast of activities within the wider school community. We need to collect some personal information in order to communicate with you about events of potential interest to your child and your family, and to ask for your support in our fundraising efforts.


Why can’t FOPPS ask the school for the information?

FOPPS is a volunteer organisation, although we fundraise for the School, FOPPS is a separate body and we are governed by the rules laid out in our constitution. Therefore the School cannot share any personal information with FOPPS without obtaining permission beforehand. FOPPS are also not permitted to share information with the school without prior permission.


3. Personal Data we collect about you.

Personal data means any information capable of identifying an individual. It does not include anonymised data.


We may process certain types of data about you as follows:

• Identity Data: may include your Name, your child’s name, your child’s class/year group.

• Contact Data: may include your billing address, email address and mobile number.

• Financial Data: may include your bank account and payment card details.

• Transaction Data: may include details about payments and purchases.


3a. Aggregated Data

We may also process aggregated data from your personal data but this data does not reveal your identity and as such in itself is not personal data. An example would be when we

record how many people attended and event and when during the booking period they booked their tickets.




3b. Sensitive Data

The only sensitive data we may in future ask to collect from you is information about allergies your child may have, to be shared only as necessary (usually with those organising

events in which food is served.)


3c. How we collect your personal data

We collect data through a variety of methods:


Direct Interaction: You may provide data by filling in contact detail forms via FOPPS or the School, by signing up to mailing list, by communicating with us by post, phone, email, WhatsApp, social media or Messaging be SMS or other messaging options, or when you:

- order tickets for FOPPS events via ParentPay payment system.

- arrange/volunteer for FOPPS events

- subscribe to our mailing lists, Mums/Dads/Caregiver WhatsApp groups

- give us suggestions or feedback


Automated technologies:

- Contact, financial and transaction data from providers of, payment and delivery services such as Ticket Tailor, Stripe, Square and Mailchimp based inside OR outside the EU.


4. How we use your Personal Data:

We only use your personal data when legally permitted. The most common uses of your personal data are but not limited to:

  • To send bulk emails or personal email regarding events organised by FOPPS.
  • To ensure the effective running of the committee
  • To allow inter year communication via WhatsApp
  • To let you know you have won events/items
  • Share opportunities with you (or your business) to sponsor or provide a service for a PTA organised event, activity or product
  • Keep a record of your response(s) to our volunteer forms
  • Administer and protect FOPPS, including ensuring compliance with any legal or regulatory obligations that we may be subject to incl. knowing the source of monetary donations in order to claim gift aid and administer the donation
  • The Secretary holds a list of all volunteers that attend or wish to be sent a copy of the meeting minutes.
  • Event organiser holds a list of volunteers.
  • The Treasurer holds the completed Gift Aid and PTA donation forms in order to manage the tracking of donations and claiming gift aid from HMRC.
  • The Treasurer submits the personal details of the Trustees (Chairman, Secretary, Treasurer and Headteacher) to the Charity Commission.
  • Volunteers of the PTA share pupil names with a private company who are making Christmas Cards/tea-towels etc as a fundraising activities

Children will never be named in pictures, if/when FOPPS shares pictures of events/activities via the school newsletter, social media or other thank-you communications to companies who have offered sponsorship/provided goods and services for free/discounts. Should you not want your child to appear in any posts please email [email protected].


FOPPS will have to pass information to vetted 3rd parties for events and merchandising. These 3rd parties will have their GDPR policies reviewed by FOPPS’ DPO prior to any such information being shared.


How do you access your information or make any corrections?

If you wish to be removed from the mailing list, WhatsApp group or other database you can do so at any time.

  • WhatsApp - You can remove yourself from a group or ask a member of FOPPS to do it for you.
  • Natwest - If you wish to have bank details removed after payment reimbursement of expenses or winnings or any other payment activity please email the FOPPS treasurer [email protected]


If you believe any of your personal information isn’t accurate or you want any information removed, then please email [email protected]. For security reasons we may

contact you on the registered contract number to confirm you have made this subject access request.


Is your personal information secure?

Yes, the information is held in a secure electronic file. Electronic data is held on password protected machines or secured cloud services. Those passwords are only shared with current members of the FOPPS Committee. Information is stored on, ParentPay, SumUp (card payment portal), WhatsApp (social media), Google Drive (cloud storage) & Natwest bank (FOPPS’ Bank Account). All these organisations have up to date privacy policies in line with current guidelines.


Disclosures of your personal data

We may have to share your personal data with the parties set out below.

  • Service providers who provide IT systems and system administration systems.
  • Professional advisors including bankers, lawyers and insurers.
  • HM Revenue & customs, regulators and other authorities based in the UK and other relevant jurisdictions who require reporting of processing activities in certain circumstances.


How long will FOPPS hold your information?

The information will be reviewed regularly. By law we must keep basic information (including contact, identity and financial and transactional data) for 6 years from the last transaction. There is no defined period of retention, but it should not be kept longer than is

necessary for that purpose or those purposes as defined in this document. Anyone can make a request at any time for their information to be deleted (where it legally can be deleted) by emailing [email protected]





What if someone else (including other parents) send FOPPS information about your child(ren)?

If we are passed any information by a third party that was unauthorised, we will immediately get in touch with you to tell you what we have, who from and why. If you inform us that we are not to have this information it will be destroyed immediately.


How will your information be disposed of?

Once the information deadline has been reached, paper information will be processed for confidential shredding and computer files will be permanently deleted.


Data Breaches

In the event of a data breach, FOPPS will follow a data breach response plan, which includes notifying the individuals affected and the relevant supervisory authority within 72 hours of becoming aware of the breach.


Data Protection Impact Assessments (DPIAs)

FOPPS will carry out DPIAs to assess the impact of processing personal data on individuals’ rights and freedoms, especially in situations where data processing is high risk.


Training and Awareness

FOPPS will provide training to FOPPS committee members on GDPR policy and ensure that they are aware of their responsibilities and obligations.


Changes to our Privacy Notice

We keep our privacy Notice under regular review, and we will place any updates directly to FOPPS communication as well as on email and ParentPay pages.


You can also read more about GDPR on the Information Commissioner’s Office (ICO) website https://ico.org.uk.

You have the right to complain to the ICO if you are concerned about how an organisation is handling your data.


Shopping Cart

    Your cart is empty