Policies and School Documentation

School Policies and documentation are constantly being reviewed and updated in line with National and local changes and when we find out how we can do things even better.

Have a look at our Policies and Documents below if you can’t find what you are looking for, or you just want to learn more about us, give our office a ring and we can sort you out.

The General Data Protection Regulation (GDPR) will apply from 25 May 2018 and will affect the way that schools process people’s personal data. Its overall aim is to make sure that people's sensitive data is kept safe and secure. It's similar to the Data Protection Act (DPA) 1998 in many ways - most of the differences involve the GDPR building on or strengthening the principles of the DPA.

At the moment we are in the process of identifying an external Data Processing Officer who will ensure:

• A Bespoke Training Package for our School around Freedom of Information, the Data Protection Act, Information Management within the school and governance issues around GDPR).
• Our school governors and SMT complete an Audit of Compliance with GDPR
• Provision of technical and legal advice on Privacy Notices and key policies and procedures in respect of GDPR and Data Protection.
• Direct assistance and support in respect of Data Protection Breaches with specialist professional advice - to liaise with a key contact in the school.
• Information Management Policies & Support for the school
• A designated Data Protection Officer for the school as required under GDPR. (According to Article 37(6), DPO can be external, and in his/her function can be exercised based on a service contract concluded with an individual or an organisation.*)

*If the DPO is external, all the requirements of Articles 37 to 39 apply to such a DPO. As stated in the Guidelines, when the function of the DPO is exercised by an external service provider, a team of individuals working for that entity may effectively carry out the DPO tasks as a team, under the responsibility of a designated lead contact and ‘person in charge’ of the client. In this case, it is essential that each member of the external organisation exercising the functions of a DPO fulfils all relevant.

We will continue to keep you updated over the forthcoming weeks and months with our progress to becoming fully “GDPR Compliant” but if you want further information please don’t hesitate to contact the school office.