On the 25 May 2018, the General Data Protection Regulation (GDPR) replaced the Data Protection Act 1998.
The GDPR regulations require all organisations who use personal data, to state the purpose of doing so and the legal basis for storing and using it. It also introduces new individual rights relating to personal data usage.
Conyers school has had robust procedures in place to secure your data, which we have required to help run the school. In light of GDPR we have updated these arrangements and will be contacting parents and staff directly, to inform them, as required by the new law.
All the personal data which we need for the daily running of the school is classed as “in the public interest” and is discussed in our privacy statement, which is available to view below. This data does not require specific consent and there is no action for parents to take.
There are some specific pieces of data which require explicit consent from parents or students, (such as publicity, IT and biometrics). These are will be obtained during induction to the school and/or as circumstances arise. Where consent is requested, you are at liberty to decline or withdraw it at a later date.
One of the biggest changes under the new regulations is the age of consent which is 13 years old. This will require us to obtain consent for some of the above areas from students, rather than parents.
Should you require further information about GDPR, your rights and the changes in the new regulations, you can visit the official Information Commissioner’s Office website at www.ico.org.uk/for-the-public/
If you have any specific school related questions about GDPR, please see the website and/or contact our designated Data Protection Officer (Natasha Healy) via email@example.com