#1 Montessori School (2019-2025)

in London

ISO 45001:2018

Accredited

Halal Food

Protected

Enhanced DBS

Checked

5-Star Hygiene

Rated Kitchen

Blue Nest Montessori logo
Policies

Privacy & Cookie Policy

Blue Nest Montessori School is committed to protecting the privacy of our families, children, staff and website visitors. This policy explains what personal information we collect, why we collect it, how we use it, and the rights you have under UK GDPR.

Last reviewed: 19 May 2026 · Final legal review pending

Blue Nest Montessori School(“Blue Nest”, “we”, “our”) is the data controller for the personal information described in this policy. We operate Montessori day nurseries across Harrow, Pinner, Borehamwood, Pinner Green and Northwood. This policy applies to all personal data we process — through our nurseries, our website at bluenest.uk and our supporting systems.

1. Personal data we collect

The categories of personal data we collect depend on your relationship with us.

Parents and guardians

  • Full name, postal address, email address and telephone numbers
  • Relationship to the child and parental responsibility status
  • Emergency contacts and authorised collection persons
  • Employer details where required for funded-childcare administration
  • Billing and payment information processed via our payment provider
  • Any correspondence and enquiry history with our team

Children in our care

  • Full name, date of birth, photograph and home address
  • Medical history, allergies, dietary requirements and care plans
  • Developmental records, EYFS observations and learning journey entries
  • Attendance, sessions booked and incident or accident records
  • Safeguarding-related records as required by statutory guidance

Website visitors

  • Information submitted through enquiry forms, the chat assistant or the prospectus download form
  • Order details if you purchase from the Blue Nest Nursery Store
  • Technical data such as IP address, browser type, device type and pages visited
  • Cookie identifiers (see “Cookies” below)

2. How we use personal information

  • To deliver early-years care, learning and safeguarding for the children enrolled with us
  • To process admissions, registrations and ongoing communication with parents
  • To process payments, fees, deposits and refunds
  • To respond to enquiries submitted through this website or by phone or email
  • To send service updates about your child’s sessions, closures and policy changes
  • To meet legal and regulatory obligations, including Ofsted and local authority reporting
  • To improve our website, services and communications

3. Legal basis under UK GDPR

We rely on the following lawful bases, depending on the purpose:

  • Contract — to deliver the childcare services you have signed up for
  • Legal obligation — to meet statutory safeguarding, health-and-safety and tax requirements
  • Vital interests — to protect the welfare and safety of a child in an emergency
  • Legitimate interests — to run our website, respond to enquiries and improve our service
  • Consent — for non-essential cookies, marketing communications and photographs used in publicity, which you may withdraw at any time

4. Children’s information and safeguarding

Information about children is treated with the highest level of care. Access to children’s records is restricted to the staff who need it to deliver their role. We follow the statutory framework for the Early Years Foundation Stage, Keeping Children Safe in Education and our internal safeguarding policy. Where we are required to share information with social care, the police, the local authority designated officer or other statutory bodies, we will do so without parental consent if it is necessary to protect a child from harm.

5. Cookies and analytics

Our website uses a small number of cookies and similar technologies:

  • Strictly necessary cookies — keep you signed in to the parent or admin area and remember your shopping cart in the nursery store. These cannot be switched off.
  • Performance and analytics cookies — help us understand how the site is used so we can improve it. These are only set if you give consent.
  • Payment-provider cookies — set by Stripe when you reach a checkout page so they can detect fraud and process your payment securely.

You can clear or block cookies in your browser at any time. Doing so may affect the functionality of signed-in areas or the checkout.

6. Sharing your information

We share personal data only where we have a clear basis to do so:

  • With trusted service providers who help us run the nursery and the website — for example, our payment processor (Stripe), our hosting and email providers and our nursery management software
  • With local authorities and HMRC, where we administer free entitlement, tax-free childcare or other funded places
  • With Ofsted, the local authority designated officer or other statutory bodies where required by law
  • With successors in title or new owners if Blue Nest is reorganised or transferred

We never sell personal information.

7. Data retention

We keep personal data only for as long as we need it for the purpose it was collected, or to meet legal obligations:

  • Children’s records — typically retained until the child reaches the age of 25, in line with statutory safeguarding guidance
  • Accident, incident and safeguarding records — retained in line with EYFS and safeguarding requirements
  • Financial and tax records — at least seven years
  • Website enquiry and chat-assistant records — up to 24 months unless a longer period is required to resolve a matter
  • Marketing-consent records — until consent is withdrawn

8. Security

Personal data is held on secured systems with role-based access. Paper records are stored in locked cabinets at each nursery. All staff receive data-protection and safeguarding training as part of their induction and on an ongoing basis.

9. Your rights

Under UK GDPR you have the right to:

  • Ask for a copy of the personal data we hold about you
  • Ask us to correct information that is wrong or incomplete
  • Ask us to delete information we no longer need, subject to any legal retention requirements
  • Ask us to restrict or object to specific uses of your data
  • Withdraw consent at any time where we rely on it
  • Lodge a complaint with the Information Commissioner’s Office (ico.org.uk)

10. Contact

For any privacy-related questions, or to exercise the rights above, please email manager@bluenest.uk or write to us at our Harrow head office. We aim to respond within 30 calendar days.

11. Changes to this policy

We review this policy regularly and will update it whenever our practices change. The “last reviewed” date at the top of the page always reflects the most recent version. Material changes will be communicated to parents directly.

Questions about this policy?

Email manager@bluenest.uk or reach the team via our contact page.

Contact us