GDPR & Privacy
The School collects and uses personal information about staff, students, parents or carers and other individuals who come into contact with the School. This information is gathered in order to enable it to provide education and other associated functions. In addition, there may be a legal requirement to collect and use information to ensure that the School complies with its statutory obligations.
The School is a data controller and must therefore comply with the Data Protection Principles in the processing of personal data, including the way in which the data is obtained, stored, used, disclosed and destroyed. The School must be able to demonstrate compliance. Failure to comply with the Principles exposes the School and staff to civil and criminal claims and possible financial penalties.
· The School processes personal data fairly and lawfully and in compliance with the Data Protection Principles.
· All staff involved with the collection, processing and disclosure of personal data will be aware of their duties and responsibilities under this policy.
· That the data protection rights of those involved with the School community are safeguarded.
· Confidence in the School’s ability to process data fairly and securely.
For more details please see our GDPR and Data Retention Policy.