Data Protection and GDPR
The General Data Protection Regulations came into force in May 2018.
Schools handle and store personal information about pupils, parents/carers, staff, and governors. Under the Data Protection Act 2018, schools are legally obliged to protect this information.
As a school, we must:
- only collect personal information we need for specific purposes
- keep the information secure
- ensure the information is relevant and up to date
- only hold as much information as we need and only for as long as we need it
- let people know what information is held about them and what it is used for
- allow these people to see the information that is held about them
- notify the Information Commissioner’s Office that we process personal information.
Informing parents and carers
As a school, we must inform all parents and carers of the personal information we hold about each pupil and explain how we intend to use this information. Please see our Data Protection Policy and School Privacy Notice.
Designated Protection Officer
Jessica Sweet is the Data Protection Officer for Coundon Primary School. She can be contacted on 024 7683 1068 or firstname.lastname@example.org. Her role is to oversee and monitor the school’s data protection procedures and to ensure school is compliant with General Data Protection Regulations.
Allowing individuals to see their information
Pupils, their parents/carers, staff and governors have the right to see the personal information schools hold about them and to correct the information if it is wrong. Under the Data Protection Act, they can send a subject access request to the school.
Information Commissioner’s Office
School is registered with the Information Commissioner’s Officer as a data controller and our registration number is Z7521429.