What is UK-GDPR?
UK-GDPR stands for General Data Protection Regulation.
UK-GDPR replaced the provisions of the European GDPR when the UK left the European Union.
What does this mean for schools?
Schools handle a large amount of personal data. This includes information on pupils, such as assessment information, medical information, images and much more. Schools will also hold data on school staff, governors, volunteers etc.
Schools will also handle what the UK-GDPR refers to as sensitive data, which is subject to tighter controls. This could be details on race and ethnic origin for example.
What is personal data?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
The processing of data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
Data Protection
As every school collates, processes and shares data about pupils, please find information regarding our privacy notices and policies.
What is a Privacy Notice?
A Privacy Notice is a statement issued by an organisation which explains how personal and confidential data about individuals is collected, used and shared.
As the school collates processes and shares data about pupils, please find information regarding our privacy policies.
GDPR Pupil and families Privacy Notice
GDPR School Workforce Privacy Notice
UK GDPR Visitor Privacy Notice
UK GDPR Suppliers used by the school Privacy Notice
Our GDPR policy is on the policies page.
Third Party Processors
We use a number of third party processors eg class dojo, NHS, Barnsley MBC. If you would like a copy of their privacy policy, please email the school.
Our Data Protection Officer is Mr Tim Pinto. Email tpinto@esafetyoffice.co.uk
The Governor responsible for GDPR is Mrs K Woodhead