Data Protection Policy
|
|
- Jack Hutchinson
- 6 years ago
- Views:
Transcription
1 THE CIPPENHAM SCHOOLS TRUST Data Protection Policy *Date for revision: Summer Term 2018 Responsibility for policy: Responsibility for operational: Trustees Trustees Reviewed by Directors: *subject to any relevant changes in legislation or other appropriate guidelines
2 Statement of Intent We acknowledge that to function properly we need to collect and use certain types of information about staff, pupils and other individuals who come into contact with our schools. We are also obliged to collect and use data to fulfil our obligations to the Local Authority (LA), Department for Education (DfE) and other bodies. We deal with information properly in whatever way it is collected, recorded and used on paper, electronically, in the cloud or any other way. We regard the lawful and correct treatment of personal information as very important to successful operations and to maintaining confidence between those with whom we deal and ourselves. We are conscious that much of the data we hold is classified as sensitive personal data and we are aware of the extra care this kind of information requires. We ensure that all personal information is treated lawfully and correctly. To this end, we fully endorse and adhere to the data protection principles as contained in the Data Protection Act 1998 (DPA). Data Protection Principles All members of staff employed in our schools are required to adhere to the eight enforceable data protection principles as set out in the Data Protection Act Data shall be processed fairly and lawfully and in particular shall not be processed unless specific conditions are met. 2. Personal data shall be obtained only for one or more specified and lawful purpose and shall not be further processed in any manner incompatible with that purpose or those purposes. 3. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. 4. Personal data shall be accurate and where necessary, kept up-to-date. 5. Personal data shall not be kept for longer than is necessary for that purpose or those purposes. 6. Personal data shall be processed in accordance with the rights of data subjects under the DPA. 7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data whether it is held internally or cloud based. 8. Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
3 There is stronger legal protection for more sensitive information such as: - Ethnicity - Background - Political opinions - Health - Religious beliefs - Sexual health - Criminal records Cloud Services We are responsible for: Ensuring that the processing carried out by any cloud service provider/s complies with the DPA requirements by means of a contract and data processing agreement. Ensuring the accuracy of the self-certification statements made by any cloud services suppliers by using the self-certification checklists facilitated by the DFE. School Practice We will apply the following criteria and controls. These are to: Notify the Information Commissioners Office (ICO) that we process personal data and re-notify if procedures change or are amended. Observe fully the conditions regarding the fair collection and use of information. To achieve this we have in place and use a privacy notice, sometimes called a fair processing notice (Appendices A and B) Meet our legal obligations to specify the purposes for which information is used. Collect and process appropriate information and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements. Ensure the quality of information used. Apply strict checks to determine the length of time information is held. Ensure that the rights of the persons about whom information is held can be fully exercised under the Act. These include the right to be informed that processing is being undertaken, the right to access to one s personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase information which is regarded as wrong information. Take appropriate technical and organisational security measures to safeguard personal information. We will review the physical security of buildings and storage systems as well as access to them. All portable electronic devices must be kept as securely as possible on and off school premises.
4 Ensure that all Disclosure and Barring Service (DBS), formerly Criminal Records Bureau (CRB) records (recruitment and vetting checks), are kept in a safe central place and that no unnecessary certification information is kept longer than six months. Ensure that personal information in not transferred abroad without suitable safeguards. Treat people justly and fairly whatever their age, religion, disability, gender, sexual orientation or ethnicity when dealing with requests for information. Set out clear procedures for responding to requests for information (Appendix C). Have in place secure methods for safely disposing of all electronic and paper records. Be sure that photographs of pupils are not included in any school publication or on the school website without specific consent. Ensure that biometric data concerning pupils are not obtained or used without the knowledge of the child and parents and without permission being obtained from them as appropriate. Take care that CCTV that captures or processes images of identifiable individuals is done in line with the data protection principles. We shall also ensure that: There is a named person with specific responsibility for data protection within the school. All persons managing and handling personal information understand that they are contractually responsible for following good data protection practice. All persons managing and handling personal information are trained to do so. Anyone wanting to make enquiries about handling personal information knows what to do. Anyone managing and handling personal information is appropriately supervised. Queries about handling personal information are properly and courteously dealt with. Methods of handling personal information are clearly described. A regular review and audit is made of the way personal information is held, managed and used. Methods of handling personal information are regularly assessed and evaluated. Performance with handling personal information is regularly assessed and evaluated. A breach of the rules and procedures identified in this policy may lead to disciplinary action being taken against the members of staff concerned. On occasions when information is authorised for disposal, it is done appropriately.
5 Appendix A PRIVACY NOTICE The Data Protection Act 1998 School Workforce: those employed or otherwise engaged to work at a school We process personal data relating to those we employ to work at, or otherwise engage to work at, our school. This is for employment purposes to assist in the running of the school and/or to enable individuals to be paid. The collection of this information will benefit both national and local users by: improving the management of workforce data across the sector enabling development of a comprehensive picture of the workforce and how it is deployed informing the development of recruitment and retention policies allowing better financial modelling and planning enabling ethnicity and disability monitoring; and supporting the work of the School Teachers Review Body This personal data includes identifiers such as names and National Insurance numbers and characteristics such as ethnic group, employment contracts and remuneration details, qualifications and absence information. We will not share information about you with third parties without your consent unless the law allows us to. We are required, by law, to pass on some of this personal data to our Local Authority (LA) and the Department for Education (DfE). If you wish to request information please complete our Subject Access Request Form and contact:- Andrea Bown, Data Manager, Cippenham Primary School Tel: Sandra McCarroll, School Business Manager, Cippenham Infant School Tel:
6 Appendix B PRIVACY NOTICE The Data Protection Act 1998 Pupil Data / Information Schools, Local Authorities, and the Department for Education all hold data on pupils in order to run the education system. In so doing, all have to follow the Data Protection Act The main implication of this is that data held about pupils may only be used for specific purposes permitted by law. This notice is to inform you what types of data we hold, why it is held and to whom it may be passed on. We hold information on pupils in order to support their teaching and learning, to monitor and report on their progress, to provide appropriate pastoral care and to help us assess how the school is performing overall. This data will include contact details, national curriculum assessment results, attendance information, characteristics such as ethnicity, SEN and any relevant medical information. The school may include images of or information about pupils on the school website. If this is a problem to you for any reason, please let us know and we will ensure that this information is not included. However, parents do need to know that at times we may be legally bound to disclose information to other bodies such as the police which the school will try to do with the knowledge of the relevant parent(s). From time-to-time, we are required to pass on information to the LA, DFE, to another school to which your child may be transferring, and to the Standards and Testing Agency which is responsible for the national curriculum and associated assessment arrangements. The government may require the school to share information with other agencies such as health, other LA departments and other relevant public bodies. The school will inform parents when this type of processing occurs and seek consent where this is necessary. For further information about how our local authority and/or DfE store and use your personal data please visit: If you wish to request information please complete our Subject Access Request Form and contact:- Andrea Bown, Data Manager, Cippenham Primary School Sandra McCarroll, School Business Manager, Cippenham Infant School
7
8 Dealing with a Subject Access Request Appendix C Requests for information must be made in writing (which includes the use of ) using the Subject Access Request Form (Appendix D) and be addressed to the relevant school headteacher. If the initial request does not clearly specify the information required, then the school will make further enquiries. The headteacher must be confident of the identity of the individual making the request. When the request concerns data about a pupil, checks will also be carried out regarding proof of relationship to the child. Original documentation will be required as evidence of identify. Any individual has the right of access to information held about them. However, in the case of children this is dependent upon their capacity to understand (normally age 12 or above) and the nature of the request. The headteacher should discuss the request with the child and take their views into account when making a decision. A child with competency to understand can refuse to consent to the request for their records. Where the child is not deemed to be competent, an individual with parental responsibility or guardian shall make the decision on behalf of the child. The school may make a charge for the provision of information, depending on the following: - No charge can be made if the requester simply wants to view the educational record of a child. - Should the information requested require a copy of the educational record, then the amount charged will be dependent upon the number of pages provided. This type of record is available to all parents until the child becomes an adult with or without the consent of the child. The school is required to respond within 15 school days. - Should the information requested be personal information that is not an educational record, schools can charge up to 10 to provide it. The response time for subject access requests, other than for educational records, is 40 days from receipt (this refers to calendar days irrespective of school holiday periods). The DPA allows exemptions as to the provision of some information; therefore all information will be reviewed prior to disclosure.
9 Third party information is information that has been provided by another person such as the LA, the police, a health care professional or another school. It is normal good practice to seek the consent of the third party before disclosing information. Even if the third party does not consent, or consent is explicitly not given, the data may be disclosed. (There is no need in the case of third party requests to adhere to the 40-day statutory timescale.) Any information that could cause serious harm to the physical, emotional or mental health of a pupil or another person may not be disclosed, nor should information that would reveal that the child is at risk of abuse. The same stricture applies to information relating to court proceedings. If there are concerns about the disclosure of information, then additional advice should be sought, usually from the Information Commission s Office. When redaction (blacking out or obscuring of data) has taken place, then a full copy of the information provided will be retained in order to establish, if a complaint is made, what was redacted and why. Information disclosed should be clear, with any codes, technical terms, abbreviations or acronyms explained. If information contained within the disclosure is difficult to read or illegible, it will be retyped. Information can be provided at the school with a member of staff on hand to assist if requested, or provided at face-to-face handover. The views of the applicant will be taken into account when considering the method of delivery. If postal systems have to be used, then registered or recorded mail will be used. Complaints will be dealt with in accordance with the school complaints procedure, which is available from the school office. Should the complainant wish to take the matter further, it may be referred to the Information Commissioner
10 Appendix D SUBJECT ACCESS REQUEST FORM The Information supplied in this form will be used only for the purposes of identifying the personal data you are requesting. You should complete this form if you want the Trust or a specific Trust school to supply you with a copy of any personal data which we hold about you. You are entitled to receive this information under the Data Protection Act We will endeavour to respond promptly and in any event within 40 days of receipt of the latest: a) Our receipt of this request; or b) Our receipt of any further information we request from you, which we need to enable us to comply with your request. SECTION 1 Details of the person requesting the information: Full name: Address (including postcode): Telephone / Mobile contact number: address: If this data subject request relates to you, please also tell us of any change of name, address, contact or other details which may have happened during your period of contact with us to help us ensure we can identify all relevant data. Are there any previous names or details to take into account? Yes*/ No *If Yes, please tell us about change(s) of details below (e.g. Previous name/s, addresses, contact details or any other relevant change/s you want to tell us about)
11 SECTION 2 Does the data subject request relate to you? Please select the appropriate answer below:- YES If the data subject request relates to you, please supply evidence of your identity. This needs to be your driving licence, passport, or national identity card, together with a recent letter or bill from a utility company (within the last 3 months) as evidence of address. If you send us original documents, we will aim to return them by special delivery within 5 working days. (Please go to Section 4) NO Are you acting on behalf of someone else to whom the data relates? If so, you need to have written authority a letter from the person in question, a power of attorney document, for example- and that authority must be enclosed. You must also supply evidence of your own identity, i.e. a driving licence, passport, national identity card, a recent letter or utility company bill (within the last 3 months) as evidence of address. If you send us original documents, we will aim to return them by special delivery within 5 working days. (Please go to Section 3) We cannot grant your request if we do not receive sufficient evidence of identity. SECTION 3 Details of the data subject (the data subject is the person whose information you wish to obtain - please complete if different from Section 1) Full name: Address (including postcode): Telephone / Mobile contact number: address: Please also tell us of any change of name, address, contact or other details for the data subject which may have happened during their period of contact with the LGA, to help us ensure we can identify all relevant data. Are there any previous names or details to take into account? Yes*/ No *If Yes, please tell us about change(s) of details below (e.g. Previous name/s, addresses, contact details or any other relevant change/s you want to tell us about)
12 SECTION 4 What information are you seeking? Please describe the information you seek in as much detail as possible together with any other relevant information. This will help us to identify the information you require and respond to you quickly. SECTION 5 Which of the following do you wish to receive information about? a) Why we are processing your personal data Yes/No (delete as appropriate) b) To whom your personal data is disclosed Yes/No (delete as appropriate) c) The source of your personal data Yes/No (delete as appropriate) Please note that if the information you request reveals details directly or indirectly about another person, we will have to seek the consent of that person before we can let you see that information. In certain circumstances we may not be able to disclose the information to you. In this case we will inform you promptly and give full reasons for our decision, or the information will be redacted. In most cases we will be happy to provide you with copies of the information you request. However, in accordance with section 8(2) of the Data Protection Act, if to do so would take disproportionate effort we will not be able to provide you with copies of information requested. In these circumstances, we will make every effort to provide you with a satisfactory form of access or summary of information if suitable and give you an explanation of why we were not able to provide you with your requested information. DECLARATION Please note that any attempt to mislead by providing false information may result in prosecution I confirm that I have read and understood the terms of this subject access form and certify that the information given is true and accurate. I understand that it is necessary for the Trust / School to confirm my/the data subject s identity and it may be necessary to obtain more detailed information in order to locate the correct personal data. Signed Date... Print Name... Please return the completed form and identification to the relevant Headteacher by or post. Contact details are available on the CST website
13 Documents which must accompany this application: 1. Evidence of your identity (Section 2) (if different from above) 2. Evidence of the data subject s identity 3. Authorisation from the data subject to act on their behalf (if applicable) If, when you have received the requested information, you believe that: the information is inaccurate or out of date; or we should no longer be holding that information; or we are using your information for a purpose of which you were unaware; or we may have passed inaccurate information about you to someone else please notify the relevant Headteacher as soon as possible.
Data Management and Protection Policy
Data Management and Protection Policy Approved by Governor committee: Finance and Audit Date to be reviewed: June 2018 Responsibility of : Director of Finance and Operations Date ratified by Governing
More informationData Protection Policy
Data Protection Policy Name of Chair: Mr David Mann Name of Headteacher: Mrs Eileen Bissell Name of person Responsible: Mrs Eileen Bissell Adopted and Agreed on: October 2015 Date of Review: October 2018
More informationDATA PROTECTION POLICY 2016
DATA PROTECTION POLICY 2016 ADOPTED FROM BRADFORD METROPOLITAIN COUNCIL MODEL POLICY AUTUMN 2016 To be agreed by Governors on; 17/10/16 Signed by Chair of Governors: Statutory policy: Yes Frequency of
More informationData Protection Policy
Data Protection Policy (Data Protection Act 1998) (This policy will be updated to incorporate GDPR by May 2018) Page 1 of 9 Data Protection Policy 1 Statement of Policy The Constellation Trust needs to
More informationData Protection Policy
Data Protection Policy This policy will be reviewed by the Trust Board three yearly or amended if there are any changes in legislation before that time. Date of last review: Autumn 2018 Date of next review:
More informationDATA PROTECTION POLICY 2018
DATA PROTECTION POLICY 2018 Amesbury Baptist Church is committed to protecting all information that we handle about people we support and work with, and to respecting people s rights around how their information
More informationBreakthrough Data Protection Policy Approved by Lead Organisation: November 2017 Next Review Date: November 2018
Breakthrough Data Protection Policy Approved by Lead Organisation: November 2017 Next Review Date: November 2018 Introduction The Partner organisations within the Breakthrough Programme need to collect
More informationSt Mark s Church of England Academy Data Protection Policy
St Mark s Church of England Academy Data Protection Policy 1 Contents Purpose:... Error! Bookmark not defined. Scope:... Error! Bookmark not defined. Procedure:... Error! Bookmark not defined. Definitions:...
More informationDATA PROTECTION POLICY WINCHESTER CITY COUNCIL. Data Protection Policy
DATA PROTECTION POLICY WINCHESTER CITY COUNCIL Document Title: Author: Fiona Sutherland Revision History Version Revision Date Summary of Change Distribution 1.0 08/03/16 Internet Intranet WINCHESTER CITY
More informationGeneral Optical Council. Data Protection Policy
General Optical Council Data Protection Policy Authors: Lisa Sparkes Version: 1.2 Status: Live Date: September 2013 Review Date: September 2014 Location: Internet / Intranet Document History Version Date
More informationEARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY
EARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY Adopted: 5 June 2018 1 Earls Hall Baptist Church is committed to protecting all information that we handle about people we support and work with, and to
More informationScottish Charity Number SC Dingwall Baptist Church DATA PROTECTION POLICY
Dingwall Baptist Church DATA PROTECTION POLICY Adopted: By Trustees Dingwall Baptist Church May 2018 1 Dingwall Baptist Church is committed to protecting all information that we handle about people we
More informationSHENLEY BROOK END SCHOOL
SHENLEY BROOK END SCHOOL DATA PROTECTION POLICY Linked Policies: CCTV Review Information Reviewed by Finance Pay and Personnel Committee 15 May 2012 Reviewed by Policy Committee August 2013 Adopted by
More informationSAFFRON WALDEN COMMUNITY CHURCH DATA PROTECTION POLICY. Adopted: [ ]
SAFFRON WALDEN COMMUNITY CHURCH DATA PROTECTION POLICY Adopted: [17-04-2018] 1 SAFFRON WALDEN COMMUNITY CHURCH is committed to protecting all information that we handle about people we support and work
More informationSection a What this Policy is for Policy Statement. 2. Why this policy is important... 3
Norwich Central Baptist Church DATA PROTECTION POLICY Adopted: May.2018 Norwich Central Baptist Church (NCBC) is committed to protecting all information that we handle about people we support and work
More informationData Protection Policy
Reference: Date Approved: April 2015 Approving Body: Board of Trustees Implementation Date: August 2015 Supersedes: 2.0 Stakeholder groups Governance Committee, Board of Trustees consulted: Target Audience:
More informationBaptist Union of Scotland DATA PROTECTION POLICY
Baptist Union of Scotland DATA PROTECTION POLICY Adopted: May 2018 1 1.The Baptist Union of Scotland 48, Speirs Wharf, Glasgow G4 9TH (Charity Registration SC004960) is committed to protecting all information
More informationSt Laurence s Primary School. Privacy notices GDPR compliant
St Laurence s Primary School Privacy notices GDPR compliant Contents: Privacy notice for parents/carers page 2 Privacy notice for pupils page 7 Privacy notice for staff... page 12 1. Privacy notice for
More informationDixons Academies Charitable Trust. Pupils, parents and staff privacy notice
Dixons Academies Charitable Trust Pupils, parents and staff privacy notice Contents: Privacy notice for parents/carers page 3 Privacy notice for pupils.page 7 Privacy notice for staff page 11 1. Privacy
More informationQueen s Croft High School DATA PROTECTION POLICY AND PRIVACY NOTICE
Queen s Croft High School DATA PROTECTION POLICY AND PRIVACY NOTICE Prepared by: Peter Hawksworth, Headteacher Checked by: Jackie Hesslegrave, Business Manager Adopted by Governors: November 2017 Review
More informationDATA PROTECTION POLICY
1. Introduction This policy is intended to provide information about how the School will use (or process ) personal data about individuals including: Current, past and prospective pupils; Parents, carers
More informationTHE COURTYARD Privacy Notice Policy
THE COURTYARD Privacy Notice Policy The Courtyard aims to offer an outstanding educational and social provision that will equip our students with the skills and experiences needed to discover and live
More informationLEICESTER HIGH SCHOOL DATA PROTECTION POLICY
LEICESTER HIGH SCHOOL DATA PROTECTION POLICY 1. Background Data protection is an important legal compliance issue for Leicester High School. During the course of the School's activities it collects, stores
More informationThis personal information must be dealt with properly, with appropriate safeguards in place to ensure the rights and freedoms of data subjects.
BELFAST ROYAL ACADEMY Data Protection Policy Introduction Belfast Royal Academy recognises and accepts its responsibilities as set out in the Data Protection Act 1998. The School will take all reasonable
More informationData Protection Policy & Procedures
Data Protection Policy & Procedures Scope In this document, the terms we, us, our and/or Clear Sky refer to Clear Sky Children s Charity. The term you and/or your refer to all employees of Clear Sky, who
More informationPOLICY ON INFORMATION, SECURITY & DATA PROTECTION
POLICY ON INFORMATION, SECURITY & DATA PROTECTION As a recruitment company, First Recruitment is a data controller. This means it processes personal data about its work seekers, individual client contacts
More informationNEW LIFE BAPTIST CHURCH NORTHALLERTON DATA PROTECTION POLICY. Adopted: 20 June 2018 To be reviewed: June 2021
NEW LIFE BAPTIST CHURCH NORTHALLERTON DATA PROTECTION POLICY Adopted: 20 June 2018 To be reviewed: June 2021 NEW LIFE BAPTIST CHURCH, NORTHALLERTON (referred to in this policy as NLBC) is committed to
More informationData Protection Policy
Data Protection Policy Reviewed by: Reviewed when Resources Committee As required Date written and last reviewed July 2018 Source and date of model policy, if applicable n/a Contents 1. Aims... 2 2. Legislation
More informationData Protection Policy for Staff DJJK. Apr of 10
Data Protection Policy for Staff DJJK Apr 2018 1 of 10 Review and Amendment Record Date Person Conducting the Review Mar 2018 PMS New Policy, GDPR Apr 2018 DJJK Review Changes Made 2 of 10 1 Introduction
More informationData Protection Policy. UK Policy May 2018
UK Policy May 2018 5 & 7 Diamond Court, Opal Drive, Eastlake Park, Fox Milne, Milton Keynes MK15 0DU, T: 01908 396250, F: 01908 396251 www.cognitaschools.co.uk Registered in England Cognita Limited No
More informationCHANNING SCHOOL DATA PROTECTION POLICY
CHANNING SCHOOL DATA PROTECTION POLICY The School may amend/change/update this Policy from time to time. 1. Background Data protection is an important legal compliance issue for Channing School. During
More informationData Protection. Document Detail Type of Document (Stat Policy/Policy/Procedure) Category of Document (Trust HR-Fin-FM-Gen/Academy) General
Data Protection Document Detail Type of Document (Stat Policy/Policy/Procedure) Policy Category of Document (Trust HR-Fin-FM-Gen/Academy) General Index reference number Approved 26/04/18 Approved by Trust
More informationDATA PROTECTION POLICY
Registered Address: Mountdale Gardens, Leigh-on-Sea, Essex SS9 4AW Executive Headteacher: Mrs. J. Mullan Telephone: (01702) 524193 Fax: (01702) 526761 DATA PROTECTION POLICY SEN TRUST SOUTHEND KINGSDOWN
More informationPrivacy notice for the school workforce (all staff) The personal data we hold
In line with new General Data Protection Regulations (GDPR), effective from 25 May 2018, please find below details of the privacy notice for all students in school. Privacy notice for the school workforce
More informationData subject access policy
Data subject access policy Introduction 1. This is our Data subject access requests policy. 2. We are the professional regulator for nurses and midwives in the UK. Our principal functions include setting
More informationDATA PROTECTION POLICY
Registered Address: Mountdale Gardens, Leigh-on-Sea, Essex SS9 4AW Executive Headteacher: Mrs. J. Mullan Telephone: (01702) 524193 Fax: (01702) 526761 DATA PROTECTION POLICY SEN TRUST SOUTHEND KINGSDOWN
More informationData Protection Policy.
Data Protection Policy. The Leonardo Trust needs to keep certain information on its Employees, Volunteers, Service Users (clients) and Trustees to carry out its day to day operations, to meet its objectives
More informationParent / Carer Privacy Notice
Document No. PP Issue No. 1 Issue Date: 2018-05-24 Renewal Date: 2019-05-24 Originator: Kate Frith Responsibility: Director of Resources 1. Policy statement Parent / Carer Privacy Notice We are Fullhurst
More informationData Protection/ Information Security Policy
Data Protection/ Information Security Policy Date Policy Reviewed 27 th April 2016 Date Passed to Governors: 27 th April 2016 Approved by Governors: 7 th June 2016 Date of Next Review: June 2018 Data Protection
More informationThe Heathland School. Privacy notice for staff
The Heathland School Privacy notice for staff Under data protection law, individuals have a right to be informed about how the school uses any personal data that we hold about them. We comply with this
More informationData Protection Policy
Policy Current Status Operational Last Review: May 2018 Responsibility for Review: Director of Administration, Contracts and Health Next Review: September 2019 Internal Approval: & Safety SLT Originated:
More informationWe reserve the right to update this privacy notice at any time. Please check our website from time to time for any changes we may make.
What is the purpose of this document? NORTHERN IRELAND SCREEN COMMISSION (Company Number NI031997) whose registered office is at 3 rd Floor Alfred House, 21 Alfred Street, Belfast, BT2 8ED is committed
More informationPrivacy Notice for Clients of RISDON HOSEGOOD Solicitors
Privacy Notice for Clients of RISDON HOSEGOOD Solicitors What does this document do? This Privacy Notice describes how personal data we collect from our clients will be collected, stored and processed.
More informationSCHOOLS DATA PROTECTION POLICY. Guidance Notes for Schools
SCHOOLS DATA PROTECTION POLICY Guidance Notes for Schools Please read this policy carefully and ensure that all spaces highlighted in the document are completed prior to publication. Please ensure that
More informationData Protection Policy
Hand in Hand We Learn OUR LADY & ST ANSELM S RC PRIMARY SCHOOL Data Protection Policy All children are recognised as unique individuals and nurtured in a caring family environment, with Christ at its centre.
More informationData protection (GDPR) policy
Data protection (GDPR) policy January 2018 Version: 1.0 NHS fraud. Spot it. Report it. Together we stop it. Version control Version Name Date Comment 1.0 Trevor Duplessis 22/01/18 Review due Dec 2018 OFFICIAL
More informationData Protection Policy
Data Protection Policy for The Astor Bannerman Group of Companies Issue Date: 3 rd January 2014 Version: 01 Approval History Name Department Role/Position Date approved Signature James Stuart- Smith Director
More informationData Protection Policy
Data Protection Policy Version Date Revision Author Summary of Changes 1.0 21 st May 2018 Ashleigh Morrow EXECUTIVE STATEMENT At CASTLEREAGH NURSERY SCHOOL (the School ), we believe privacy is important.
More informationHOLY TRINITY CE PRIMARY SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS
HOLY TRINITY CE PRIMARY SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS Holy Trinity collects data and information about parents / carers of our pupils so that we can operate effectively as a school.
More informationPrivacy Notice for Staff
Privacy Notice for Staff This Policy is to be used across all DEMAT schools Version Date DEMAT Officer responsible for updating content DPO Date approved by DEMAT Standards & Ethos Committee 1 Apri 2018
More informationPrivacy notice for the school workforce
Privacy notice for the school workforce Under data protection law, individuals have a right to be informed about how the school uses any personal data that we hold about them. We comply with this right
More information[STAFF DATA PROTECTION NOTICE]
2018 Solihull Music Service [STAFF DATA PROTECTION NOTICE] Privacy notice for staff Introduction Under data protection law, individuals have a right to be informed about how the service uses any personal
More informationWorkforce Privacy Notice
Workforce Privacy Notice Policy Statement As the Lion Academy Trust, during an individual s time with us, we will use information that we gather in relation to them for various purposes. Information that
More informationPrivacy Notice: All staff
Privacy Notice: All staff Approved: May 2018 Review date: May 2020 Theale C of E Primary School Church Street Theale RG7 5BZ Tel: 0118 9302239 Email: office@theale.w-berks.sch.uk Privacy Notice: All Staff
More informationData Protection. Policy
Data Protection Policy Why do we need this policy? What does the policy apply to? Which parts of SQA are affected? SQA is committed to adopting best practice in protecting the personal information of all
More informationHITCHIN GIRLS SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING HITCHIN GIRLS SCHOOL
HITCHIN GIRLS SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING HITCHIN GIRLS SCHOOL Hitchin Girls School collects data and information about parents / carers of our pupils so that we can
More informationData Protection Employee Privacy Notice
Data Protection Employee Privacy Notice Data Protection Employee Privacy Notice Page 1 of 7 Contents 1. Introduction... 3 2. What is personal data/special categories of personal data?... 3 3. What information
More informationData Protection Act Policy And Operational Procedures For the Trust, Its Academies, And Essa Nursery
Data Protection Act Policy And Operational Procedures For the Trust, Its Academies, And Essa Nursery Date approved by the Board of Directors: 7 July 2017 Date adopted by Essa Academy Local Governing Body:
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY APRIL 2018 Attendance Policy and Procedures (Pupils) (P3/Policies) Updated January 2018 Page 1 of 11 Title Summary Purpose Operational Date April 2018 Next Review Date April 2019
More informationPRIVACY NOTICE FOR JOB APPLICANTS
PRIVACY NOTICE FOR JOB APPLICANTS 1. General Information 1.1 Derby County Football Club are committed to protecting the privacy and security of your personal information. 1.2 Under data protection law,
More informationPrivacy notice for candidates applying to the school to become employees
Privacy notice for candidates applying to the school to become employees This document gives you detailed information about how we use your personal data and complies with the Data Protection Act 1998
More informationNetwork Rail internal privacy notice
Network Rail internal privacy notice Introduction This privacy notice describes in detail how Network Rail Infrastructure Limited (NR) and its subsidiaries use your personal information when you become
More informationSecurity of Personal Data Policy and Guidelines
Kensington & Chelsea College Security of Personal Data Policy and Guidelines Written by Richard Lane, April 2009 Updated for subject access requests February 2011 1 Introduction KCC holds personal data
More informationLIFE STYLE CARE PLC. Privacy Statement for Employees. August 2018
LIFE STYLE CARE PLC Privacy Statement for Employees August 2018 Key points Why we use your personal data: We typically use your personal information for purposes related to your employment relationship
More informationData Protection Policy for the Grimsby Institute of Further & Higher Education
Data Protection Policy for the Grimsby Institute of Further & Higher Education Data Protection Policy Change Control Version: V1.1 New or Replacement: Approved by: Replacement Executive Management Team
More informationTourettes Action Data Protection Policy
Tourettes Action Data Protection Policy Effective date: 01/01/2018 Review date: 01/01/2020 Approved: Suzanne Dobson, CEO Tourettes Action Author: Pippa McClounan, Office Manager Tourettes Action Version
More informationHuman Resources. Data Protection Policy IMS HRD 012. Version: 1.00
Human Resources Data Protection Policy IMS HRD 012 Version: 1.00 Disclaimer While we do our best to ensure that the information contained in this document is accurate and up to date when it was printed
More informationRSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company )
RSD Technology Limited - Data protection policy: Introduction Company Name: Document DP3 Topic: RSD Technology Limited ( the Company ) Data Protection Policy Data protection Date: 25 th May 2018 Version:
More informationPRIVACY NOTICE for Welsh St Donat s Community Council, May 2018
PRIVACY NOTICE for Welsh St Donat s Community Council, May 2018 NOTE: Welsh St Donat s Community Council is a small, rural Community Council and, compared with many councils and public bodies, processes
More informationPrivacy Notice Work Force
Privacy notice for the school workforce Under data protection law, individuals have a right to be informed about how the school uses any personal data that we hold about them. We comply with this right
More informationData Protection Policy, including Key Procedures
Data Protection Policy, including Key Procedures Revision Number :- 0 Date :- 16 April 2018 Status :- Approved Issue Date :- 22 March 2018 HEADING Aims of this Policy SECTION CONTENT Milton s Cottage Trust
More informationGDPR privacy notice: Applicants to a new role
GDPR privacy notice: Applicants to a new role All schools are required to detail to prospective staff how their personal data may be collected and used. This Privacy Notice ensures compliance with the
More informationLittle Gaddesden C. of E. Primary School
PRIVACY NOTICE - PARENTS AND CARERS Approved by Resources Committee 21 May 18 Approved by Governing Body 22 May 18 Review by May 20 Little Gaddesden School collects data and information about parents /
More informationData Protection Policy
Data Protection Policy University of London Data Protection UoL website link: http://www.london.ac.uk/238.html Email: records.managament@london.ac.uk Contents 1 Policy statement... 3 2 Introduction and
More informationRoundwood Primary School. Privacy Notice Parents
Roundwood Primary School Privacy Notice - Parents Name of Policy Privacy Notice Parents Date of adoption April 2018 Date of next review April 2020 Governing Body Committee Responsible Resources Member
More informationPrivacy Notice: for staff, trustees, governors and all who are engaged to work within The Evolve Trust
Privacy Notice: for staff, trustees, governors and all who are engaged to work within The Evolve Trust Use of Your Personal Data Statement Purpose: Information that we hold in relation to staff, trustees
More informationMatrix Academy Trust Data Protection & Freedom of Information Policy
Matrix Academy Trust Data Protection & Freedom of Information Policy Published June 2016 Review May 2021 Review Led by C Berry 1 1. Matrix Academy Trust collects and uses personal information (referred
More informationPRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING Greenside School
PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING Greenside School Greenside School collects data and information about parents / carers of our pupils so that we can operate effectively as a school.
More informationTimePlan Education Group Ltd ( the Company ) Data Protection. Date: April Version: 001. Contents
Company Name: Document DP3 Topic: ( the Company ) Data Protection Policy Data Protection Date: April 2018 Version: 001 Contents Introduction Definitions Data processing under the Data Protection Laws 1.
More informationWellington College Belfast
Wellington College Belfast PRIVACY NOTICE For Those Employed to Teach at a Controlled School Signed: Approved by Board of Governors Date: t21-41%,2o( Reviewed Date: version Date Published Responsible Officer
More informationTCS Privacy Notice - Staff
TCS Privacy Notice - Staff Review Cycle: Annual (until 24/05/2019) 2 Yearly (after 24/05/2019) Notice Prepared/Reviewed by: Committee responsible Statutory/Discretionary Date of FGB ratification: JW TBC
More informationData Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents
Company Name: Document: Topic: System People ( the Company ) Data Protection Policy Data protection Date: 28/4/2018 Version: 1 Contents Introduction Definitions Data processing under the Data Protection
More informationVMS Software Ltd- Data Protection Privacy Policy
VMS Software Ltd- Data Protection Privacy Policy Introduction The purpose of this document is to provide a concise policy statement regarding the Data Protection obligations of VMS Software Ltd. This includes
More informationPrivacy Notice (How we use school workforce information)
Privacy Notice (How we use school workforce information) We process personal data relating to those we employ to work at, or otherwise engage to work at, our school. This is for employment purposes to
More informationEDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants
EDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants 1 Overview Data Protection Policy for Employees, Workers
More informationData Protection Policy Approved by: COG Approved: 9 August 2017 Review date: August 2019 Version: Statement of Intent
Data Protection Policy Approved by: COG Approved: 9 August 2017 Review date: August 2019 Version: 4 1. Statement of Intent 1.1 Radian 1 must collect, store and process information about its customers,
More informationTHE PORTSMOUTH GRAMMAR SCHOOL
THE PORTSMOUTH GRAMMAR SCHOOL STAFF PRIVACY NOTICE In the course of your employment, engagement or other basis of work undertaken for the school, we will collect, use and hold ( process ) personal data
More informationDATA PROTECTION POLICY VERSION 1.0
VERSION 1.0 1 Department of Education and Skills Last updated 21 May 2018 Table of Contents 1. Introduction... 4 2. Scope & purpose... 4 3. Responsibility for this policy... 5 4. Data protection principles...
More informationFunctional area. F Hallinan, C Abad, W Andrews Approver (s) Version 001 Effective date 25 May Privacy Notice for Emergency Contacts
The Charter Schools Educational Trust Privacy Notice for Emergency contacts GDPR compliant (Article 14 contact details given by someone other than the data subject) Contents: The personal data we hold
More informationRECRUITMENT PRIVACY NOTICE
SCOPE OF PRIVACY NOTICE RECRUITMENT PRIVACY NOTICE 1. Like most businesses, we hold and process a wide range of information, some of which relates to individuals who are applying to work for us. This notice
More informationPRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING: St Luke s School
St Luke s School Policies, Guidance & Procedures PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING: St Luke s School St Luke s School collects data and information about parents / carers of our pupils
More informationArk Schools Data Protection & Freedom of Information Policy
Ark Schools Data Protection & Freedom of Information Policy PURPOSE This Ark Schools Data Protection & Freedom of Information (FOI) policy is intended to ensure that personal information is dealt with
More informationData Protection Policy
Preston and District Data Protection Policy The University of the Third Age Scope of the policy This policy applies to the work of Preston & District U3A (hereafter the U3A ). The policy sets out the requirements
More informationDIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS
DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS 1. ABOUT THIS DATA PRIVACY NOTICE 1.1 Diomed Developments Limited, and companies within the group controlled by Diomed Developments Limited
More informationInformation Sharing Policy
Information Sharing Policy DOCUMENT CONTROL: Version: 1 Ratified by: Risk Management Sub Group Date ratified: 19 December 2012 Name of originator/author: Information Governance Manager Name of responsible
More informationRECRUITMENT PRIVACY NOTICE
RECRUITMENT PRIVACY NOTICE 1. SCOPE OF PRIVACY NOTICE 1.1 Like most businesses, we hold and process a wide range of information, some of which relates to individuals who are applying to work for us. This
More information2.1.2 Gender, age, date of birth, marital status and nationality;
PRIVACY STATEMENT FOR THE ROMAN CATHOLIC ARCHDIOCESE OF SOUTHWARK 1 INTRODUCTION 1.1 The Roman Catholic Archdiocese of Southwark (the "Diocese") is a charity registered with the Charity Commission in England
More informationParents / Carers of Pupils Attending St Catherine s C of E Primary School Privacy Notice
Parents / Carers of Pupils Attending St Catherine s C of E Primary School Privacy Notice Created 15th May 2018 PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING ST CATHERINE S C OF E PRIMARY SCHOOL
More informationDIGITGAIN LTD. Rectory Road, Padworth Common, West Berkshire, RG7 4JD Tel: DATED GDPR PRIVACY POLICY FOR EMPLOYEES,
DIGITGAIN LTD Rectory Road, Padworth Common, West Berkshire, RG7 4JD Tel: 0118 971 3840 DATED GDPR PRIVACY POLICY FOR EMPLOYEES, CHILDREN ATTENDING JUBILEE AND THEIR PARENTS Guidance from - Compiled by
More informationUniversity for the Creative Arts Application Declaration. Data Protection Privacy Notice
University for the Creative Arts Application Declaration Data Protection Privacy Notice The University for the Creative Arts takes its obligations with regard to data protection seriously. As such, we
More information