What is GDPR and how does it effect you ?
The EU General Data Protection Regulation (GDPR) is a new data protection law, which will replace the existing EU laws. It aims to strengthen the protection of “personal data” paying particular attention to the way that data is now used and shared particularly with respect to the increasing use of technologies.
We take the protection of our pupils personal data very seriously and adhere to the following data protection principles to ensure that personal data is:
- Processed lawfully, fairly and in a transparent manner
- Collected for specified, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary to fulfil the purposes for which it is processed
- Accurate and, where necessary, kept up to date
- Kept for no longer than is necessary for the purposes for which it is processed
- Processed in a way that ensures it is appropriately secure
This legislation is European wide and applies to schools and businesses who hold a large amount of personal data. The majority of the obligations under the current Data Protection Act continue but with some additional obligations and considerations. The school has been working on a policy that sets out how the school aims to comply with these principles.