Data Protection (GDPR)

NEW GDPR is now in effect as from 25th May 2018. Please see our new Privacy Notice below.
 
For the purpose of the Data Protection Act 1998 (updated May 2018), schools are known as Data Controllers.  They collect, receive and hold personal data about their pupils and their school workforce.
 
Under the Act, the information held by schools about their pupils and their workforce must only be used for specific purposes.  Schools are required to write to parents/pupils and their workforce to tell them about the types of data held, why it is held and to whom it may be passed.
 
The Data Protection Act imposes obligations on those responsible for processing data. It gives individuals rights to access their personal information, with parents excercising this right on behalf of children if the children are to young to do so themselves.
 
Schools are required by lay to pass certain pupil and school workforce information to the Local Authority (LA) and to the Department for Education. (DfE).  
 
A copy of the NEW Greenwood Tree Academy Trust Privacy Notice is attached.