GDPR

At Applegarth Primary School we take the privacy of our staff, governors, parents/guardians and pupils very seriously and work to the highest standard to keep your data safe.  You may have already heard about the changes to data protection regulations, and the introduction of the General Data Protection Regulation (GDPR), which comes into force on the 25th May 2018.

​We are committed to compliance with all relevant EU and Member State laws in respect of personal data, and the protection of the rights and freedoms of individuals whose information we collect and process in accordance with the General Data Protection Regulation (GDPR).

Who is responsible for Personal Data?

​As a school, we are a Data Controller under the new regulations and as such define how and why personal data is collected, stored, and used. We also utilise Data Processors – third parties that process the data we control on our behalf. As a Data Controller, we must comply with the new regulation as well as ensuring that all of our Data Processors are compliant.

At Applegarth Primary School we will achieve compliance by ensuring personal data is processed lawfully, transparently, and for a specific purpose. Once the purpose is fulfilled and the data is no longer required, it will be deleted, as stipulated within our Data Retention Policy.

GDPR Quality Assurance

The school has appointed Veritau Ltd to be its Data Protection Officer (DPO). The role of the DPO is to ensure that the school is compliant with GDPR and to oversee data protection procedures. Veritau’s contact details are:

We implement additional security measures including advanced firewalls, enhanced virus protection across our entire school estate, regular data backup and multi-factor authentication to control access, automatic suspicious activity detection and logging etc.

We provide data protection training to all teaching and support staff as well as our governing body.

We carry out due-diligence with all third party data processors.

We will continue to share the specific details of personal data collected in our Privacy notices which have been created for our staff, governing body, parents and pupils. The revised notices are publicly available on our website.

We have also completed a comprehensive data mapping audit of the data that we process and store. We have also reviewed our data breach incident response procedure.

How can you help us to comply with GDPR?

Parents/guardians can assist us in carrying out our GDPR duties by ensuring that we have the most up to date address, telephone number, emergency contact details and email address on file.

Due to changes in privacy law, we can no longer include sensitive information such as medical conditions on any form pre-filled out. When filling out consent or data collection forms in future, please ensure you fill out any NEW AND EXISTING medical conditions or allergies etc. as we will have to update our records based on what you state on the form. The same will apply to ethnicity, nationality etc. Medical conditions will include any allergies/food intolerance’s as well.

Freedom of Information Requests

Details about submitting Freedom of Information requests can be found in the Information Policy.

Useful Documents

GDPR Policies & DocumentsDownload
Privacy Notice for Early Years Funded ProvidersDownload
Complaints Privacy NoticeDownload
Volunteers Privacy NoticeDownload
Recruitment Privacy NoticeDownload
Parents and Pupils Privacy NoticeDownload
Employment Privacy NoticeDownload

Adobe Reader 
You may need a product like Adobe Reader (free download) to view our PDF documents on our website.

Privacy Policy

We regard your privacy as important and any personal information you give to us will be used in accordance with the Data Protection Act and the General Data Protection Regulations.

We do not store personal information about individuals who visit this site except where they provide contact information via our contact us page and contact forms available on various pages throughout the website.

Any information you provide will only be used for the reasons specified and it will not be shared with any third party without your consent, unless required by law.

Your contact details are kept securely and are only accessed by authorised members of staff as part of the provision of school services. If you do not wish us to keep this contact information please tell us.

This website uses Google Analytics which provides statistical data about the usage of the site. This information is not used to identify individuals, but is collected to provide us with an understanding of the areas of interest on our site and how our site is being used.

If you are connected to the internet you will have an IP Address. This may take the form of a figure, such as 333.333.22.1. The address will be automatically collected and logged as part of the connection of your computer to our web server and may be used to determine the total number of visits to each part of the site. This data is not collected and used for other purposes.

This website contains links to other websites. The School is not responsible for the privacy practices of other sites or organisations and recommends you consult the privacy information on those sites.

This policy will be reviewed and updated versions will be posted on the website.

If you have any questions about the use of your personal information, the Information Commissioner is the independent regulator for both Data Protection and Freedom of Information.