General Data Protection Regulation (GDPR)
What is GDPR?
This refers to the General Data Protection Regulation which superseded the Data Protection Act 1998, on 25 May 2018.
The legislation is designed to ‘harmonise’ data privacy laws across Europe, as well as give greater protection and rights to individuals. Within the GDPR there are large changes for the public, as well as businesses and bodies, that handle personal information. In essence, it is about protecting personal data and how it is used. It gives individuals greater control and say over how their personal data is used.
GDPR defines personal data as:
Any information relating to an identified or identifiable person (known as a Data Subject).
An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an ID number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.
What data we hold and who we share information with:
For all Privacy Notices - Pupils/Parents/Workforce (click here)
Specific Consent - Photographs & Video Recordings:
The school requires specific consent before taking photographs or video recordings for purposes which are not part of its core activities ie website, promotional material etc. A new images consent form was distributed in October 2020 available below for information:
New Images Conditions & Consent Permission Form
Requesting Access to Personal Data
Under data protection legislation, parents have the right to request access to information held about themselves and their children under the age of 16. To make a subject access request for yourself or your child(ren)'s personal information please click on the link below:
Subject Access Request Form (click here)