The rules around data protection are changing, the ‘General Data Protection Regulation’ (GDPR) will affect how we can use your personal data and keep it safe, and will also strengthen your rights over your own data. This is to make sure sensitive or private data stays safe. Whilst it is similar to the current Data Protection Act in many ways, there are a few differences, so we need to make a few changes at the school in order to ensure we remain compliant.
- The right to be informed – of where and how your data is used (see the privacy notice/s).
- The right of access – similar to a subject access request or freedom of information request.
- The right to rectification – if you believe your data is incorrect or incomplete.
- The right to erasure – if you want your data erased from our systems, as we have a legal basis for processing data this would not usually be a legitimate request for information held by schools.
- The right to restrict processing – this is the right for your personal data to not be processed for a time.
- The right to data portability – requests for your information to be shared with another organisation, information shared between schools does not need any additional paperwork to be completed by parents/carers.
- The right to object – to the processing of personal data for certain activities, again, requests for restriction of data held by schools is unlikely to be a legitimate request, you do, however, still have the right to request.
- Rights in relation to automated decision making and profiling – this type of data control is not used in school.
If you would like to exercise any of the rights detailed here, please complete the Rights Request Form below and return to the school office or email to firstname.lastname@example.org.
If you would like to discuss any queries or concerns regarding GDPR, please do not hesitate to contact us either in person or by calling us 01332 571151.