The General Data Protection Regulations (GDPR) becomes law on May 25th, 2018. It sets out how the school can handle your date.
There are 8 data protection principles, these are;
- Personal Information must be fairly and lawfully processed.
- Personal information must be processed for limited purposes.
- Personal information must be adequate, relevant and not excessive
- Personal information must be accurate and up to date
- Personal information must not be kept longer than necessary
- Personal information must be processed in line with the data subjects’ rights
- Personal information must be secure
- Personal information must not be transferred to other countries without adequate protection.
The regulations also include these rights;
- Right to be informed – to know what is the data used for, how long, by whom etc
- Right of access - to be able to see and know the data being held
- Right to rectification - to fix any errors
- Right to Erasure -to choose to have the data erased
- Right to Restrict Processing – to stop the data being used for certain purposes
- Right to object – to complain about what someone has done or will do with the data
Mrs Kim Jones is the Data Protection Officer for the school and is responsible for ensuring compliance with the GDPR and reporting any data breaches to the Information Commissioners Office (ICO).
There is a good video which will explain the GDPR in more detail which can be accessed here GDPR for Parents
|Whole School - GDPR Letter.pdf||Download|
|Data Protection Policy.pdf||Download|
|Records Management Policy.pdf||Download|
|Use of Images Policy.doc||Download|
|Freedom of Information Policy.pdf||Download|
|Model Publication Scheme.pdf||Download|
|Privacy Notice for Schools - children.pdf||Download|
|Privacy Notice for schools - workforce.pdf||Download|