General Data Protection Regulation (GDPR)

Monkhouse Primary School

Data Protection

Policy Statement 2018

Data Protection Statement

Monkhouse School is fully committed to full compliance with the requirements of the General Data Protection Regulation (GDPR). The School will therefore follow procedures which aim to ensure that all our staff, Governors, and contractors who have access to any personal data held by or on behalf of the School are fully aware of and abide by their duties under the GDPR. We also adhere to the guidance issued by the Information Commissioner.

Policy Statement

We collect and use information about our pupils in order to carry out our functions. This also includes information about current, past and prospective staff, parents and suppliers of services to us. In addition we are required by law to collect and use information in order to comply with statutory requirements. Personal information must be processed appropriately however it is collected, recorded and used and in whatever format it is held.

We regard the handling of personal information as very important to us being able to carry out our day to day business and essential to maintaining confidence. We therefore fully adhere to the Principles of the GDPR.

How we handle personal and sensitive data

We will ensure that appropriate controls and measures are in place to monitor and review data so:

  •          It is secure and protected
  •          It is used in efficient and effective ways to improve the education of our pupils
  •          Only necessary data is collected
  •          It is only collected for the purpose as described at the time of collection
  •          Information is accurate
  •          Information is not kept for longer than is necessary
  •          Data which is no longer needed is securely destroyed
  •          Information is not transferred abroad without suitable safeguards
  •          There is general information for pupils and parents and staff of their rights to access information
  •          The rights of pupils, parents and staff about whom information is held can be fully exercised under the General Data Protection Regulations.

We will also ensure appropriate technical and organisational security measures to safeguard information (including unauthorised or unlawful processing and accidental loss or damage of data) are in place.

Individual rights

Under Data Protection Legislation individuals have the right to:

  •          Access their own personal information within one month of request
  •          Prevent processing of their information in certain circumstances
  •          Request that information be corrected, rectified or blocked where it is identified as incorrect
  •          Expect that the we have an officer specifically responsible for data protection in the School
  •          Expect guidance and training for staff is provided at an appropriate level
  •          Ensure that any breaches of this policy are dealt with appropriately and in a timely manner.

The Principles of Data Protection

The GDPR stipulates that anyone processing personal data must comply with 6 special categories of good practice. The special categories are legally enforceable. For more information about the special categories, citizens rights and the distinction between personal data and ‘special categories’ under Data Protection legislation please see the Information Commissioners Data Protection pages.

If you would like to know more about how we use your information, please contact Monkhouse  school office or our Data Protection Officer at the following address:

Wendy Rochester, Information Governance Manager, Law and Governance, North Tyneside Council, The Silverlink North, Cobalt Business Park, NE27 0BY

email: dpo.schools@northtyneside.gov.uk

DOCUMENT CONTROL SHEET

Document Title:         Data Protection Policy Statement

Revision History

Issue Number Date Reason for issue
1.0 March 2018 Implementation of the General Data Protection Regulations (GDPR) coming into force in 2018.
 

Document Authorisation

Issue Number Date Group
1.0 March 2018

Data Protection Officer

Senior Information Governance Officer

Senior Information Governance Officer