GDPR and Data Protection
The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation which determines how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.
‘Personal data’ means information that can identify a living individual.
The regulation applies to all schools from 25 May 2018, and will apply even after the UK leaves the EU.
Main principles
The GDPR sets out the key principles that all personal data must be processed in line with.
There are also stronger rights for individuals regarding their own data.
New requirements
The GDPR is similar to the Data Protection Act (DPA) 1998 but strengthens many of the DPA’s principles.
Further information on GDPR can be found on the ICO website.
We have updated our Privacy Notices and Data Protection Policy in preparation for GDPR as well as providing training and awareness for staff. Please contact the Data Protection Officer via the School Office if further information is required.