Close Search

General Data Protection Regulation (GDPR)

On the 25 May 2018, the General Data Protection Regulation (GDPR) replaces the Data Protection Act 1998.

The new GDPR regulations requires all organisations who use personal data, to state the purpose of doing so and the legal basis of storing and using it. It also introduces new individual rights relating to personal data usage.

Conyers school has had robust procedures in place to secure your data, which we have required to help run the school.  In light of GDPR we have updated these arrangements and will be contacting parents and staff directly, to inform them, as required by the new law.

All the personal data which we need for the daily running of the school, is classed as “in the public interest” and is discussed in our privacy statement, which is available to view below. This data does not require specific consent and there is no action for parents to take.

There are some specific pieces of data which require explicit consent from parents or students, (such as publicity, IT and biometrics). These are will be obtained during induction to the school and/or as circumstances arise.  Where consent is requested, you are at liberty to decline or withdraw it at a later date.

One of the biggest changes under the new regulations is the age of consent which will be 13 years old from 25 May 2018.  This will require us to obtain consent for some of the above areas from students, rather than parents.

In the coming term, we will launch a new App which will provide parental access to data where we will ask you to verify the data is accurate and up-to-date.

Should you require further information about GDPR, your rights and the changes in the new regulations, you can visit the official Information Commissioner’s Office website at

If you have any specific school related questions about GDPR, please see the website and/or contact our designated Data Protection Officer (Rachel Houchen) via