The General Data Protection Regulation (GDPR)

There are new data protection laws in the UK and across the EU which came into force on the 25th May 2018. These are called the General Data Protection Regulation (GDPR). This works with the Data Protection Act 2018 to form the UK’s data protection framework.

The UK GDPR sets guidelines for how people’s personal data is processed and kept safe, and the legal rights individuals have over their own data.

As we hold personal data, we must comply with these regulations ensuring data is handled responsibly and securely. This means protecting the privacy of students, staff and parents while fostering an environment of trust. By understanding the core principles of GDPR, taking proactive steps to comply with its requirements, and keeping the privacy of all individuals at the forefront of our practice.

The school’s privacy notice has been updated to meet the GDPR requirements. It is important that all parents, staff and trustees read and understand the relevant privacy notice, which can be found below, as the school wants to ensure that you understand what we are doing with your data and that you know we are acting legally.

We already highly value and protect all of our student, parents and staff data and will update our practices and procedures to ensure we keep up-to-date with current data protection regulations.

For further information about GDPR please visit the ICO website.

We have appointed a Data Protection Officer (DPO) to oversee the way the school handles data and ensure that requests for data are dealt with in accordance with GDPR. For any subject access requests (SAR), Freedom of Information requests (FOI) and queries you have about the way in which your data is handled please contact our DPO via the information below.