Hi, welcome to the site. This criteria relates specifically to what your setting does in regards to GDPR (General Data Protection Regulations) so a copy of the their Data Protection and confidentiality policy is necessary.
GDPR Principles:
https://ico.org.uk/for-organisations...pr/principles/
These are a few points that may help:
- The setting will collect personal information to assist in the health, safety and day-to-day running of the establishment.
- Records kept on file and computers will only be accessible to named people who will have an awareness of confidentiality.
- Parent's have the right to see their child's records.
- Parental consent is needed for any information held about their child or the family, to be shared with other professionals. Unless there are concerns about a child's welfare.
- Parents will be asked to update/confirm personal information held on file.
GDPR information on NDNA.org and on
EYAlliance.org
You can find examples of early year provider policies if you use google eg
Woodcote Preschool ,
Truly Scrumptious Nursery ,
KateGreenaway.org
Hope this helps
Explain the processes used by own organisation to comply with data protection
& 
Linear Mode
