Trewirgie Junior School

An error occurred on the server when processing the URL. Please contact the system administrator.

If you are the system administrator please click here to find out more about this error.

Privacy Notice - GENERAL Data Protection Regulation 2018

The new GDPR (General Data Protection Regulation) has replaced the current Data Protection Act (DPA) and has strengthened and unified all data held within an organisation. For schools, GDPR brought with it a new responsibility to inform parents and stakeholders about how they are using pupils’ data and who it is being used by.

 What does GDPR mean for schools?

A great deal of the processing of personal data undertaken by schools will fall under a specific legal basis, ‘in the public interest’. As it is in the public interest to operate schools successfully, it will mean that specific consent will not be needed in the majority of cases in schools.

GDPR will ensure data is protected and will give individuals more control over their data, however this means schools will have greater accountability for the data.

Under GDPR, consent must be explicitly given to anything that isn’t within the normal business of the school, especially if it involves a third party managing the data. Parents (or the pupil themselves depending on their age) must express consent for their child’s data to be used outside of the normal business of the school.

(How we use pupil information)

 Why do we collect and use pupil information? We collect and use pupil information under the Education Act 1996. The EU general data protection regulation 2016/679 (GDPR) will take effect in May 25 2018 including Article 6 ‘lawfulness of processing’ and Article 9 ‘Processing of special categories of personal data’

https://www.gov.uk/education/data-collection-and-censuses-for-schools]

 We use the pupil data: 

 The categories of pupil information that we collect, hold and share include: 

Collecting pupil information

Whilst the majority of pupil information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain pupil information to us or if you have a choice in this. 

Storing pupil data

We hold pupil data for 6 years following a student’s last entry.

 Who do we share pupil information with?

We routinely share pupil information with: 

Why we share pupil information

We do not share information about our pupils with anyone without consent unless the law and our policies allow us to do so.

 We share pupils’ data with the Department for Education (DfE) on a statutory basis. This data sharing underpins school funding and educational attainment policy and monitoring. 

 We are required to share information about our pupils with the (DfE) under regulation 5 of The Education (Information About Individual Pupils) (England) Regulations 2013. 

 The National Pupil Database (NPD)

 The NPD is owned and managed by the Department for Education and contains information about pupils in schools in England. It provides invaluable evidence on educational performance to inform independent research, as well as studies commissioned by the Department. It is held in electronic format for statistical purposes. This information is securely collected from a range of sources including schools, local authorities and awarding bodies. 

 We are required by law, to provide information about our pupils to the DfE as part of statutory data collections such as the school census and early years’ census. Some of this information is then stored in the NPD. The law that allows this is the Education (Information About Individual Pupils) (England) Regulations 2013. 

 To find out more about the pupil information we share with the department, for the purpose of data collections, go to https://www.gov.uk/education/data-collection-and-censuses-for-schools

To find out more about the NPD, go to https://www.gov.uk/government/publications/national-pupil-database-user-guide-and-supporting-information

 The department may share information about our pupils from the NPD with third parties who promote the education or well-being of children in England by: 

The Department has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether DfE releases data to third parties are subject to a strict approval process and based on a detailed assessment of: 

To be granted access to pupil information, organisations must comply with strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data. 

 For more information about the department’s data sharing process, please visit:

https://www.gov.uk/data-protection-how-we-collect-and-share-research-data 

 For information about which organisations the department has provided pupil information, (and for which project), please visit the following website: https://www.gov.uk/government/publications/national-pupil-database-requests-received 

 To contact DfE: https://www.gov.uk/contact-dfe 

 Requesting access to your personal data

Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Mrs Michelle Burton via mburton@tjschool.co.uk 

 You also have the right to:

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/ 

Contact:

If you would like to discuss anything in this privacy notice, please contact: 

Data Protection Officer - Mrs. Nicola Hodson

c/o Trewirgie Junior School

Redruth

Cornwall

TR15 2QN

Tel: 01209 215238

Email: enquiries@tjschool.co.uk

 

Please click below for policies relating to the new GDPR regulations:

 


 

"My Best Always"