General Data Protection Regulations (GDPR)

The GDPR became law on the 25th May 2018

The school is working hard to ensure that all working practices relating to data protection are compliant with the new laws. Our Data Protection Officer is Nicola Cook who we are employing  through the Bucks Learning Trust (BLT)

Governors set up a sub committee to look into what we needed to do, this includes:

Conducting a self-assessment of readiness for GDPR

Reviewing where all our data is stored, recording where it has come from and reviewing how data is shared

Drawing up a risk register and taking steps to mitigate risk. 

Reviewing who has access to data

Reviewing all documentation from Gov.uk, Information Commissioners Office (ICO) and Information and Records Management Society (IMRS ) Toolkit

Completing an in-depth audit to be checked by our Data Protection Office (Bucks Learning Trust)

Attending training for GDPR readiness

Reissuing letters for photography permissions 

Reissuing privacy notices for anyone associated with the school

Sending opt-in emails or messages for information about the school

Information sharing for parents staff, governors and parents by letter, emails or messages 

Reviewing contracts with our suppliers 

Reviewing policies - Data Protection, Freedom of Information, Communication, Use of photos etc

Reviewing and requesting privacy notices from all our IT providers, eg. Parent pay, IT hosting, SIMS (our school management IT system) etc.

Visitors to the school may have noticed that we have changed how we sign in visitors - so their information is not shared with those who don't need to see it. 

Governors will monitor the arrangements regularly.