The UK’s Data Protection Act 1998 has been replaced by the Data Protection Act 2018. This law governs how we collect, use and share people’s information and provides greater rights to individuals and control over how their information is handled by organisations, including schools.
We have taken steps to review and update our processes around how we are handling your information as detailed below:
1) We have carried out an information audit to detail all the information we hold both electronically and paper based. We have established where the data came from and who it is shared with.
2) We have established the lawful basis for processing personal data. If we do not have a lawful basis then consent has been requested.
3) We have a SAR form to complete if data subjects would like to know the information we hold.
4) We have appointed a Data Protection Officer. Our Data Protection Officer is Paula Harris.
5) We have a data breech reporting procedure in place.
6) All staff have attended training on the new regulations. All staff and governors are required to complete an on-line training module on the new regulations. The online training is refreshed every two years.
7) All our suppliers have been contacted to confirm that they are GDPR compliant.
8) We have reviewed and revised our Data Protection Policy and Privacy Notices. (Privacy notice for LAC to be finalised by autumn 2019).
If you would like to know more about the Data Protection Act 2018 and your rights, please visit the UK’s data protection regulator, the Information Commissioner’s Office at www.ico.org.uk
Should you have any queries regarding the Data Protection Act 2018 and our school, or would like to submit a subject access request, please email us at firstname.lastname@example.org
Click on the image below to read our Data Protection Policy