Childcare: destroying child and parent records
A day nursery, childminding agency or after-school club processes sensitive data of the most vulnerable group there is: children. Child records, observations, allergies, the national ID number of child and parents, placement contracts and sometimes concerning signals. Each has its own retention period. Keep it too long and you hold children's data without a purpose. Keep it too short and you miss documents in a complaint or claim. This guide shows, by part, what you keep, when it may go and how to destroy it confidentially.
The quick answer: the pedagogical child record has no fixed statutory period but the GDPR storage limitation, usually a limited period after deregistration. The administration for childcare benefit falls under the tax seven years. Accident and incident records you keep longer because of liability, and health data you treat as sensitive data.
Why children's data needs extra protection
Children's data enjoys extra protection under the GDPR. Children cannot themselves oversee what happens with their data, and the provider often also processes health data such as allergies and medication use. That is special-category personal data. On top of that comes the national ID number of the child and the parents, needed for childcare benefit. A childcare archive is therefore more sensitive than it looks at first glance.
That is precisely why storage limitation weighs heavily here. Do not keep longer than necessary, but do account for the long tail of liability around a child. Those two sides, clearing out quickly and yet keeping certain documents longer, make a good retention period per part important.
Retention periods by part
The period differs per type of data. The overview below gives the main line. Count the tax period from the end of the financial year and the other periods from the deregistration of the child.
| Part | Starting point | Period |
|---|---|---|
| Placement contract and invoicing | Tax retention obligation | 7 years |
| Childcare benefit data (national ID) | Tax retention obligation | 7 years |
| Pedagogical child record, observations | GDPR storage limitation | approx. 2 years after leaving |
| Allergy and health data | Special-category data | as long as needed |
| Accident and incident records | Liability and limitation | keep longer |
| Personnel files and screening certificates | Own periods | per part |
Use this as a guideline, not a final legal ruling. Set the exact period for the child record in your own privacy policy. The tax side is in the 7-year tax retention obligation, and a parallel with education is in schools: student files kept for 5 years.
Accident and incident records: why longer
Around a child, liability plays out a little differently than with an adult. If a child is injured during childcare, a claim can surface long after the incident, because for a minor the limitation period may only start later. An accident record you would throw away after two years could then be exactly the document you needed.
So keep accident and incident records longer than the ordinary child record. Treat them as a separate category with their own, longer period and assess per case whether a file must stay even longer because of a running matter. That way you avoid destroying a document that later turns out to be crucial.
Allergy and health data separately
Allergies, medication use, a diet for medical reasons and other health data are special-category personal data. They should be secured separately, accessible only to those who need them, and they disappear as soon as they are no longer needed. On destruction that means a fine level, because this data must not remain reconstructable.
Keep this data recognisably separate within the file. That way you avoid a whole child record inheriting the longest period of its most sensitive part, and you can clear out the health data specifically as soon as the child has left and there is no reason to keep it.
How to handle it in 6 steps
- Split the file into administration, pedagogical record, health and incidents.
- Note the period per part, counted from deregistration or the financial year.
- Keep accident records longer because of liability.
- Treat health data separately and at a fine destruction level.
- Collect what may go in sealed containers, not in the paper bin.
- Have it destroyed confidentially with a certificate and record it in your register.
Destroy confidentially with a certificate
Child records and parent data are destroyed confidentially at a fine level, because they contain a national ID number and health data. The paper and any data carriers travel sealed and stay that way until destruction, so the chain is closed. An old childcare computer or backup with children's data belongs with it too.
Afterwards you receive a certificate of destruction with the date, quantity and level. That certificate is your proof towards the GDPR and the inspectorate that you acted carefully. Record the destruction in your GDPR administration. We collect within 20 km of Amsterdam with no call-out charge, work nationwide through pooled collection rounds and charge a fixed price per box or roll container. Drop-off on site is not possible; it works by appointment through collection.
Child records to be destroyed?
Tell us what you have and you get a fixed price. We collect it sealed, destroy it at a fine DIN level and you receive a certificate for your GDPR file. No call-out charge within 20 km of Amsterdam.
Request a quoteCommon mistakes
- Keeping the whole file for the same period. Administration, pedagogical record and incidents have different periods.
- Throwing away accident records too early. For a child the limitation period may only start later.
- Not treating health data separately. Allergies and medication use are sensitive data.
- Throwing away unshredded. A child record on the street is a reportable data breach.
- Keeping no proof. Without a certificate you cannot demonstrate the destruction.
Frequently asked questions
How long may a childcare provider keep a child record?
For the pedagogical child record there is no fixed statutory period, but the GDPR storage limitation. In practice you keep it for a limited period after deregistration, often around two years, unless a concrete ground justifies keeping it longer.
How long do I keep the provider's administration?
Placement contracts, invoicing and the data for childcare benefit fall under the seven-year tax retention obligation. That period is separate from the pedagogical record.
Why do I keep accident records longer?
If a child is injured, a liability claim can arise long after the incident, because for minors the limitation period may only start later. So keep accident and incident records longer than the ordinary file.
Are a child's allergy and health data sensitive data?
Yes. Allergies, medication use and other health data are special-category personal data. They require extra security and destruction at a fine level as soon as they are no longer needed.
Conclusion
A childcare provider manages data of the most vulnerable group, with a national ID number and health data mixed together. So do not treat the file as a whole. Keep the administration seven years, clear out the pedagogical record after the usual period following deregistration, keep accident records longer because of liability and treat health data separately. What may go you have destroyed confidentially at a fine level, with a certificate as proof. That way you protect the children and stand with proof in hand in a complaint or audit.
Read also: insurers: destroying claim and policy files, municipalities: destroying citizen data and archive, schools: student files kept for 5 years and the GDPR retention periods cheatsheet.
Have child records collected? Request a quote via desnipperaar.nl. Within a few minutes you have a fixed price, including a certificate as proof.