We take the privacy of our staff, governors, parents/guardians and pupils very seriously and work to the highest standard to keep your data safe in-line with the General Data Protection Regulation (GDPR).
We are committed to compliance with all relevant EU and Member State laws in respect of personal data, and the protection of the rights and freedoms of individuals whose information we collect and process in accordance with the GDPR and the Data Protection Act 2018.
As a school, we are a Data Controller under the regulations and as such define how and why personal data is collected, stored, and used. We also utilise Data Processors – third parties that process the data we control on our behalf. As a Data Controller, we must comply with the regulation as well as ensuring that all of our Data Processors are compliant.
We will achieve compliance by ensuring personal data is processed lawfully, transparently, and for a specific purpose. Once the purpose is fulfilled and the data is no longer required, it will be deleted, as stipulated within our Retention Policy.
We implement additional security measures including advanced firewalls, enhanced virus protection across our entire school estate and regular data backup.
We provide regular data protection training to all staff as well as our governing body.
We carry out ongoing due-diligence with all third party data processors.
We will continue to share the specific details of personal data collected in our Privacy notices which have been created for our staff, governing body, parents and pupils. The revised notices are publicly available on our website.
Parents/guardians can assist us by ensuring that we have the most up to date address, telephone number, emergency contact details and email address on file. You can also assist us by ensuring that you return any consent or data collection forms promptly to school.
If you would like to make a subject access request please view the relevant privacy notice describing how you can do so and email email@example.com.