On the 25 May 2018, the UK’s Data Protection Act 1998 was replaced by a new law called the GDPR (the EU General Data Protection Regulation 2016). This law governs how we collect, use and share people’s information and provides greater rights to individuals and control over how their information is handled by organisations, including schools.
If you would like to know more about the GDPR and your rights, please visit the UK’s data protection regulator, the Information Commissioner’s Office at www.ico.org.uk
The process of becoming fully GDPR compliant will be a long one because it affects all aspects of the school. We do already have strong Data Protection policies and protections but these now all need to be updated in line with GDPR.
We are working on our practice to ensure that GDPR is central to our day-to-day culture. We already highly value and protect all of our pupil, parent and staff data and will continue to do so in the presence of GDPR.
As a parent/carer you may receive some letters from us regarding GDPR. Some of those may be about consent and some about updating your information with us. Please do read and send back everything you receive.
Should you have any queries regarding the GDPR and our school, please email us at email: firstname.lastname@example.org