General Data Protection Regulation
What is GDPR?
GDPR stands for: General Data Protection Regulation. Although the school has been working in line with the Data Protection Act from 1998, new regulations in relation to your personal data come into effect from 25th May 2018. Stamford Park Infant School will ensure that personal data is protected and kept safely and securely. It will ensure that its policy for data protection is used as the basis for collecting, storing, accessing, sharing and deleting personal data. The school will use the General Data Protection Regulations (GDPR) as the benchmark for its standard for protecting personal data.
Objectives
Strategies
Why does the school keep information about you (parent/carer/guardian) or your child?
The whole school team need to make sure that you and your child receives the best education, care and support we can provide. We gather, store and use personal information to help us to achieve this.
Most personal information is used within school to help plan and deliver excellent quality care and education every day.
What personal information about your child is collected?
What personal information about you (parent/carer/guardian) is collected?
What are we going to do with personal information?
Your information, and your child’s information, is used to make sure that the school teams have accurate and up-to-date information, to inform our provision - enabling us to assess and plan the best care, well-being and educational provision for your child.
We use personal information when we are seeking additional support, specialised support, funding, and care (only with your consent).
How will we keep your information secure and confidential?
All members of the school workforce (staff) have a legal duty to keep information about you and your child confidential (unless in extreme circumstances where your safety, your child’s or somebody else’s safety is compromised).
The school has a code of confidentiality which all staff must adhere to.
We use a range of systems which insist upon encryption, password protection and verification to keep information secure.
The law and your personal information
There are many government policies and Acts of Parliament which require schools to report certain personal information to other organisations.
The school will not disclose personal information about you or your child without your permission/consent, unless required by law to do so.
Outcomes
The requirements of the GDPR will be met by this school as the basis for collecting, storing, accessing, sharing and deleting personal data. Data will be processed fairly lawfully and in a transparent manner. It will be used for specified, explicit and legitimate purposes in a way that is adequate, relevant and limited. It will be accurate and kept up to date and kept no longer than is necessary. Data will be processed in a manner that ensures appropriate security of the data.