Schools handle a large amount of personal data. This includes information on pupils, such as assessment data, medical information, images and much more. Schools will also hold data on staff, governors, volunteers and job applicants. Schools handle what the GDPR refers to as special category data, which is subject to tighter controls. This could be details on race, ethnic origin, or trade union membership.
This data is already governed by existing DPA regulations, which ensure personal data is handled lawfully. However, the new GDPR regulations requires organisations to document how and why they process all personal data, and gives enhanced rights to the individual.
Our Privacy Notices outline how and why we collect, store and share data and the lawful basis with which we do this.
Below is a list of all data protection impact assessments that the school has completed. If you require copies or further information, please contact the school office.