Witton Gilbert Primary School

GDPR

At Witton Gilbert Primary School, we take the privacy of our staff, governors, parents/guardians and pupils very seriously and work to the highest standard to keep your data safe.  

​We are committed to compliance with all relevant EU and Member State laws in respect of personal data, and the protection of the rights and freedoms of individuals whose information we collect and process in accordance with the General Data Protection Regulation (GDPR).

Who is responsible for Personal Data?

​As a school, we are a Data Controller under the new regulations and as such define how and why personal data is collected, stored, and used. We also utilise Data Processors – third parties that process the data we control on our behalf. As a Data Controller, we must comply with the new regulation as well as ensuring that all of our Data Processors are compliant.

At Witton Gilbert Primary School, we will ensure compliance by ensuring personal data is processed lawfully, transparently, and for a specific purpose. Once the purpose is fulfilled and the data is no longer required, it will be deleted, as stipulated within our Data Retention Policy.

We currently comply with existing legislation, the Data Protection Act 1998, and are very experienced at working within these regulations.

How we address GDPR

We are currently registered with the Information Commissioner’s Office as Data Processor.  We utilise a wide range of  both physical and technical security measures in line with the recommendations provided by ICO (Information Commissioner’s Office)

We implement additional security measures including advanced firewalls, enhanced virus protection across our entire school estate, regular data backup and multi-factor authentication to control access, automatic suspicious activity detection and logging etc.

We provide regular data protection training to all teaching and support staff as well as our governing body.

We carry out due-diligence with all third party data processors.

We will continue to share the specific details of personal data collected in our Good Practice Privacy notice, which can be found on our Policies Page.

We have also completed a comprehensive data mapping audit of the data that we process and store. We have also reviewed our data breach incident response procedure.

Keeping records up to date

Parents/guardians can assist us in safeguarding GDPR by ensuring that we have the most up to date address, telephone number, emergency contact details and email address on file.  Mrs Lamb in the School Office is the person to contact if you have any changes to make.

Due to changes in privacy law, we can no longer include sensitive information such as medical conditions on any form pre-filled out. When filling out consent or data collection forms in future, please ensure you fill out any NEW AND EXISTING medical conditions or allergies etc. as we will have to update our records based on what you state on the form. The same will apply to ethnicity, nationality etc. Medical conditions will include any allergies/food intolerances as well.

Useful Documents

Please see the school policies page for the school adopted Data Protection policy and the Good Practice Privacy notices.

 

Adobe Reader 
You may need a product like Adobe Reader (free download) to view our PDF documents on our website.