General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR) became effective in countries in the EU on 25th May 2018. It brings higher standards for handling data and greater expectations for improved transparency, enhanced data security and increased accountability for processing personal data. Schools have a legal duty to comply with the GDPR.

The new GDPR (General Data Protection Regulation) replaced the Data Protection Act (DPA) and strengthens and unifies all data held within an organisation. For schools, GDPR brings a new responsibility to inform parents and stakeholders about how they are using pupils’ parents and staff data and who it is being used by.

Data Protection Policy 2018.20

Information Security Policy 2018-21

Privacy Notice for Parents 2018-21

Privacy Notice for Staff 2018-21

Privacy Notice for Governors 2018-21