Privacy Policy

Privacy Policy (How we use student information)

This Privacy Policy describes the practices used by the Academy of Dance Arts in collecting and processing personal data for its operation as a school. The new General Data Protection Regulation, GDPR, defines “personal data” as any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier including name, surname, date of birth, exam results and health information.

The categories of student information that we process include:

• personal identifiers and contacts including name, surname, gender, date of birth, unique student code, address, contact details of legal guardians, information on any dance classes attended prior to joining the school, unique code for Imperial Society of Teachers of Dancing – ISTD exams (where applicable), and unique code for Spanish Dance Association – SDA exams (where applicable);

• characteristics including ethnic origin (only in the case wherein student is taking an exam organised by the ISTD);

• special educational needs;

• medical administration including doctors’ reports, child health, allergies and medication (only if the school needs to be made aware of such);

• attendance including classes attended, classes missed and reasons for absence;

• assessment and attainment including, where applicable, results of mock exams, mid-term performance assessments, results of exams of ISTD and SDA (where applicable);

• passport number and/or other identification document number in the case of school trips outside of Malta;

• photography and videography.

This list is not exhaustive.

Why we collect and use pupil information

We collect and use student information, for the following purposes:

a) to support student learning;

b) to monitor and report on student attainment progress;

c) to assess the quality of our services;

d) to keep children safe (food allergies, or emergency contact details);

e) to meet the statutory duties placed upon us by the competent authorities.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing student information are:

• for the purposes of (a), (b) and (c) in accordance with the legal basis of Contractual Performance: collecting the data is necessary to perform tasks that we are required to perform in other provide the student with the tuition service

• for the purpose of (d) in accordance with the legal basis of Vital Interests: to keep students safe (food allergies, medical conditions)

• for the purpose of (e) in accordance with the legal basis of Compliance with Legal Obligations: data is collected for the National Commissions for Further and Higher Education (NCFHE), the Department of Education, the National Statistics Office (NSO), and other Government authorities.

In addition, concerning any special category data:

• conditions a, b, c and d of GDPR – Article 9

How we collect student information

We collect student information via the school registration form when a student first joins the school, and via other registration forms when applying for exams organised by the ISTD and SDA. In the case of photos and videos, these are collected during photo shoots, performances and other school activities.

Student data is essential for the schools’ operational use. Whilst the majority of student information you provide to us is mandatory, some of it is requested on a voluntary basis. In order to comply with the data protection legislation, we will inform you at the point of collection, whether you are required to provide certain student information to us or if you have a choice in this.

How we store student data

We hold student data securely for as long as the student is attending classes at our school. Data is processed using software which is installed on computers or “in the cloud”.

Who we share student information with

Student information is only shared on as need basis with the ISTD and SDS when the student is taking an exam of one of these examinations boards.

Student information is not shared with any other entity.

Why we share student information

We do not share information about our students with anyone without consent unless the law and our policies allow us to do so.

Requesting access to your personal data

Under data protection legislation, parents and students have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Rowena Grech (Principal) on

You also have the right to:

• object to processing of personal data that is likely to cause, or is causing, damage or distress;

• prevent processing for the purpose of direct marketing;

• object to decisions being taken by automated means;

• in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and

• a right to seek redress, either through the Information and Data Protection Commissioner, or through the Maltese Courts.

If you have a concern or complaint about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information and Data Protection Commissioner at


If you would like to discuss anything in this privacy notice, please contact: Rowena Grech on