At Emmer Green Primary School we have always taken data protection very seriously and have been compliant with rules and regulations set out in the Data Protection Act (DPA) of 1998. On 25th May 2018, data protection regulations changed significantly, and many of our internal processes and supporting documents have also changed so that we remain compliant within these new Data Protection 2018 regulations (often referred to as simply 'GDPR').
Data protection is about ensuring people can trust we use their data fairly and responsibly. All organisations that collect information about individuals for any reason (other than for personal, family or household purposes) need to comply. That includes us as a school. The UK data protection regime is set out in the DPA 2018, along with the GDPR (which also forms part of UK law). It takes a flexible, risk-based approach which puts the onus on us as an organisation to think about and justify how and why we use data.
Following Brexit, Regulation (EU) 2016/679, General Data Protection Regulation (GDPR) is retained in EU law and known as UK GDPR. The UK GDPR sits alongside an amended version of the Data Protection Act 2018 that relate to general personal data processing, powers of the Information Commissioner and sanctions and enforcement. The GDPR as it continues to apply in the EU is known as EU GDPR.
The Data Protection Policy document below outlines the approach we use at the school to protect your data, and also details your rights regarding access to that data.
The Privacy Notices detail the types of data that we hold and the legal reasons why we collect and use such information.
If you have any questions relating to our approach to data protection or any of our policy documents, please contact the school office. We will try our hardest to answer your questions or concerns, and will try and do so in plain English!