Pilsley Primary School

Pilsley Primary School

Inspire, Respect, Achieve

  1. School Information
  2. Data Protection (GDPR)

Data Protection (GDPR)

 

General Data Protection Regulation (GDPR)

 

The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation which will determine how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.

‘Personal data’ means information that can identify a living individual.

The regulation applies to all schools since 25 May 2018, and will apply even after the UK leaves the EU.

Main principles

The GDPR sets out the key principles that all personal data must be processed in line with.

  • Data must be: processed lawfully, fairly and transparently; collected for specific, explicit and legitimate purposes; limited to what is necessary for the purposes for which it is processed; accurate and kept up to date; held securely; only retained for as long as is necessary for the reasons it was collected

There are also stronger rights for individuals regarding their own data.

  • The individual’s rights include: to be informed about how their data is used, to have access to their data, to rectify incorrect information, to have their data erased, to restrict how their data is used, to move their data from one organisation to another, and to object to their data being used at all

New requirements

The GDPR is similar to the Data Protection Act (DPA) 1998 (which schools already comply with), but strengthens many of the DPA’s principles. The main changes are:

  • Schools must appoint a data protection officer, who will advise on compliance with the GDPR and other relevant data protection law
  • Privacy notices must be in clear and plain language and include some extra information – the school’s ‘legal basis’ for processing, the individual’s rights in relation to their own data
  • Schools will only have a month to comply with subject access requests, and in most cases can’t charge
  • Where the school needs an individual’s consent to process data, this consent must be freely given, specific, informed and unambiguous
  • There are new, special protections for children’s data
  • The Information Commissioner’s Office must be notified within 72 hours of a data breach
  • Organisations will have to demonstrate how they comply with the new law
  • Schools will need to carry out a data protection impact assessment when considering using data in new ways, or implementing new technology to monitor pupils
  • Higher fines for data breaches – up to 20 million euros

 

In line with GDPR requirements, we have updated our Data Protection Policy and Privacy Notice.

To view the latest versions of our updated documentation please click on the links below:

 

  Pilsley Primary School Data Protection Policy

  Pilsley Primary School Privacy Notice for Pupils and Families

  Pilsley Primary School Privacy Notice for Staff

  Pilsley Primary School Privacy Notice for Governors

  Derbyshire County Council (DCC) record retention periods guide for schools (Please note as of April 2023, this document is currently being updated and the new version will be published once approved by Governors)

Should you have any queries relating to GDPR or Data Protection, please in the first instance contact our Data Protection Officer or Head Teacher as detailed below:

 

Our School Data Protection Officer (DPO)

Education Data Hub (GDPR for Schools) 

Derbyshire County Council, County Hall, Smedley Street, Matlock, Derbyshire DE4 3AG

Tel: 01629 532888

Email: DPforSchools@derbyshire.gov.uk

 

Our School Data Lead

Mrs Sarah Kelley (School Business Officer)

Tel: 01773 872378

Email: S.Kelley@pilsley-pri.derbyshire.sch.uk

 

Head Teacher

Mrs Lynn Brook

Tel: 01773 872378

Email: headteacher@pilsley-pri.derbyshire.sch.uk

Station Road, Chesterfield, Derbyshire, S45 8EU

01773 872378

info@pilsley-pri.derbyshire.sch.uk

© 2023 Pilsley Primary School.
Our school website is created using School Jotter, a Webanywhere product. [Administer Site]

Our use of cookies

We use necessary cookies to make our site work. We'd also like to set optional analytics cookies to help us improve it. We won't set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences.

For more detailed information about the cookies we use, see our Cookies page Cookie Control Link Icon

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

We'd like to set Google Analytics cookies to help us to improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone. For more information on how these cookies work, please see our 'Cookies page'.

We use cookies to provide you with the best experience on our website. Read our Privacy Policy to find out more. Policy page Cookie Control Link Icon