GDPR – Data Protection

What is GDPR?

Things are changing!

The GDPR will apply in all EU member states from 25 May 2018. This will affect how schools manage personal data and how this is protected and shared.

The EU’s General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.

Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.

In the coming week’s school will be updating Privacy Notices, policies and Consent Forms to make sure we are compliant with the new GDPR.

Check regularly on this section to see what is new.

Follow the link for more information GDPR

Under the Data Protection Act, all schools and early years settings must inform parents and carers that they hold personal details about each pupil. Schools must also inform staff that they hold personal details about them. The school must explain how they intend to use the data and provide information about who the data may be forwarded to.

The Privacy Notices below detail how Carr Head and other relevant bodies hold and handle data.

Privacy notice for parents and carers of pupils in school Privacy notice for the school workforce  Privacy notice for children looked after & children in need  Privacy Notice from BTH School Nurses relating to Year 6