What is GDPR and why is it being introduced?
In very simple terms, the General Data Protection Regulation can be likened to an up-to-date version of the Data Protection Act. When the first data protection laws were introduced in 1998, Google didn’t even exist. The GDPR recognises that our world – and the way our personal data is processed – has changed significantly in the last two decades.
GDPR privacy notice for pupils and their families
Schools are currently required to inform pupils and their families about how their personal data may be collected and used. The following link explains current arrangements: https://www.stjohnsprimaryn11.co.uk/wp-content/uploads/2018/03/PRIVACY-NOTICE-June-2017.pdf
This requirement will remain once the General Data Protection Regulation (GDPR) comes into effect on 25 May 2018; however, schools will be required to revise their privacy notices to include further information on processing individuals’ personal data, in order to be compliant with the GDPR.
As a school, we handle a lot of sensitive personal data about children, families and staff members. This data needs to be processed safely and kept secure, to stop it falling into the wrong hands or being used for a purpose other than what it was intended for.
In a school setting, it falls to a person with parental responsibility (a parent, carer or guardian) to provide consent for processing personal data relating to a child. In the months ahead we will be reviewing and where necessary revising our systems for collecting, storing and sharing information. Further information about this will be shared with you as and when necessary. This will include the issue and return of consent forms from you, our parents and carers.
Updates on progress towards compliance with new regulations will follow on this page.
This explanation includes information provided by ‘Parenta – working together for our children’