In May 2018, the government brought into force General Data Protection Regulations (GDPR) with a view to safeguarding people's personal information. This placed extra duties on schools and other institutions which handle personal data. In the main, this necessitates only collecting information which is needed to perform our duties, putting in place measures to keep information safe and secure, only keeping hold of data as long as is necessary and disposing of information properly.
We have held a full external GDPR audit and put in place the recommendations that were made. In light of this, we have drawn up the following policies which (with our Privacy Notices) set out what we do to keep your information safe. If you have any questions about how or why we collect or hold data that you feel are not answered within these documents, please don't hesitate to contact us.
Contact details for our DPO (Data protection Officer) Craig Stilwell firstname.lastname@example.org
Data Protection Policy
Data Breach Policy
GDPR Retention Policy
GDPR Retention Schedule
Privacy Notice - Pupils
Privacy Notice - Staff
Privacy Notice - Parents & Guardians
Privacy Notice - Governors