From 25 May 2018, a new EU-wide data protection law, the General Data Protection Regulation or GDPR, comes into force. The underlying principles of this law are not new. Under both the UK’s 1998 Data Protection Act and GDPR, organisations must only collect, hold, use and share personal data if they have a lawful basis for doing so and, of course, that personal data must be kept secure. What is new with GDPR is a greater emphasis on transparency and being able to demonstrate compliance with the law.
We are not changing how we collect and process the personal data of pupils across our schools, but in accordance with the requirements of GDPR, each school has published a new privacy notice on its website, which explains in detail, for the benefit of pupils and their parents or carers, how and why we collect personal data, as well as what we do with it and your rights in relation to data protection. This can be viewed by clicking on this link.
The Knowledge Schools Trust is the data controller in respect of any data processing undertaken by our schools, and the Trust-wide policy on Data Protection can be viewed by clicking on this link.