Background to the General Data Protection Regulation (‘GDPR’)
The General Data Protection Regulation 2016 replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC, including the UK’s 1998 Data Protection Act. Its purpose is to protect the “rights and freedoms” of natural persons (i.e. living individuals) and to ensure that personal data is not processed without their knowledge and, wherever possible, that it is processed with their consent.
As a school we need to process personal data in order to:
- Carry out a task in the public interest
- Exercise our official authority
We can process personal data without seeking consent if we need to in order for our school to run properly.
Essentially, we can process personal data in order for your school to run properly, and to fulfil our official functions as set out in law. Schools need to provide education to children, and we need to process personal data about a child in order to do this, then we are allowed.
Privacy Notice for Parents: please click here
GDPR information for parents- covering letter
School Data Policies: