General Data Protection Regulation

On May 25th 2018 the General Data Protection Regulation will come into effect across the EU. It is a new law that is being implemented in exactly the same way across all EU countries to create an agreed set of rules to ensure all data held and processed by organisations within the EU is secure and processed lawfully.

As public organisations, schools and academies are required to comply. At Priestley Smith School we have been working on our GDPR readiness since December 2017. Since then:

  • We have made everyone in school aware, including the Governing Body
  • We have been on several training courses
  • We have identified a team to work together on compliance
  • We have begun to review all of our data, documents and processes in order to identify how these need to be amended and revised.

The process of becoming fully GDPR compliant will not be achieved overnight. Rather it will take a long time because it affects all aspects of the school and requires a high volume of documentation to prove our compliance. We do already have strong Data Protection policies in place but these now all need to be updated in line with GDPR.

We are, however, working to ensure that GDPR is central to our day-to-day systems and is fully in place.

We already value and protect all the data we hold on our students, parents and staff and will continue to do so.

As a parent/carer, you will receive some letters from us regarding GDPR. Some of those may be about consent and some about updating your information with us. Please do read and send back everything you receive.

For further information about GDPR please visit the website for the ICO (Information Commissioner’s Office).

The video below is a useful overview for parents of GDPR :

GDPR Mind Map for Parents