Our data protection policies are available to view - see links below.
They have been compiled in accordance with the General Data Protection Regulation (GDPR).
GDPR sets out the key principles, rights and obligations for the processing of personal data. It ensures a balance between an individual’s rights to privacy and the lawful processing of personal data undertaken by organisations in the course of their business.
It aims to protect the rights of individuals about whom data is obtained, stored, processed or supplied and requires that organisations take appropriate security measures against unauthorised access, alteration, disclosure or destruction of personal data.
As a school, we are a 'data controller' and we process personal information about children who attend our school.
We will only use the information we hold for specific purposes as allowed by law and ensure that only people who need to use the information have access to it.
Individuals have the right to see all the personal information held about them by any data controller.
The request for this information is known as a `Subject Access Request' (SAR) and should be made in writing. We usually consider children aged 12 or over old enough to understand their rights and to make a Subject Access Request themselves if they want to. If your child is younger, you will normally have to make a request on their behalf.
If you or your child wants to see their personal information, a request should be made in writing and sent to the IT Services Manager using the following email address: firstname.lastname@example.org
You also have the right to see, or get a copy of, your child's educational record at their school. If you want to see your child's records, please write to the school.