On the 25 May 2018, the UK’s Data Protection Act 1998 is being replaced by a new law called the GDPR (the EU General Data Protection Regulation 2016). This law governs how we collect, use and share people’s information and provides greater rights to individuals and control over how their information is handled by organisations, including schools.
We’re taking steps to review and update our processes around how we are handling your information and have appointed a Data Protection Officer, to help us get ready for the changes. We will publish more information about how we are meeting the GDPR on this page in due course. You will find links to the privacy policies for parents/ carers and for pupils.
If in the meantime you would like to know more about the GDPR and your rights, please visit the UK’s data protection regulator, the Information Commissioner’s Office at www.ico.gov.uk
The process of becoming fully GDPR compliant will be a long one because it affects all aspects of the school. We do already have strong Data Protection policies and protections but these now all need to be updated in line with GDPR.
We are working on our practice to ensure that GDPR is central to our day-to-day culture. We already highly value and protect all of our pupil, parent and staff data and will continue to do so in the presence of GDPR.
As a parent/carer you may receive some letters from us regarding GDPR. Some of those may be about consent and some about updating your information with us. Please do read and send back everything you receive.
Should you have any queries regarding the GDPR and our school, please email us at email: firstname.lastname@example.org