General Data Protection Regulation (GDPR)
Like all organisations that keep or process personal data, we have been updating our systems and policies to take account of the new general data protection regulation (GDPR). The regulation gives more control to individuals over their personal information and requires organisations that collect and hold personal information to keep that information safe and secure.
As a result of the regulation we have:
- updated our Data Protection Policy
- conducted an audit to make sure we are only holding information that is relevant for Hugh Myddelton children and the entire school community.
- issued new privacy notices (below) that explain how we collect, process and store personal data.
- had staff and governor training on keeping information safe and on the Data Protection Regulation.
There are more details in the Data Protection Policy which makes clear the circumstances under which any personal data can be shared outside the school.
The policy also outlines the new rights individuals have to see information we hold about themselves and their child and describes how you can go about getting this information.
If after reading the new policies you have any questions or want more information, please contact the school office.
Please note that the school will share information about pupils with the NHS. The legal basis for this sharing of information is medical safeguarding.
Our policies are currently under review. This process was delayed due to the pandemic and newly-ratified policies will be brought into use in September 2021. In the meantime, the above policies will still operate. Thank you for your understanding.