The General Data Protection Act (GDPR)
As a school, we have a duty to follow the General Data Protection Regulations which came in to force in 2018. GDPR can be summarised as six principles of how companies and organisations should use personal data.
Personal data should be:
- Processed fairly, lawfully and in a transparent manner.
- Used for specified, explicit and legitimate purposes.
- Used in a way that is adequate, relevant and limited.
- Accurate and kept up to date.
- Kept no longer than is necessary.
- Processed in a manner that ensures appropriate security of the data.
Please find below details of how we will use Pupil Data.