Data Protection- GDPR
Cockton Hill Junior School collects and uses pupil information under the Data Protection Act 1998 and the Education Act 1996 which are lawful basis for collecting and using pupil information for general purposes (and from Article 6 and Article 9 where data processed is special category data from the General Data Protection Regulation from 25 May 2018).
Under the new regulations we are classed as a Data Controller for the purposes of the Data Protection Act 1998 and as such define how and why personal data is collected, stored, and used. We also use third party Data Processors that process data on our behalf. As a Data Controller, it is essential that we comply with the new regulation as well as ensuring that all of our Data Processors are compliant.
We take the privacy of our staff, governors, parents/guardians and pupils very seriously and we strive to ensure all data is kept safely and securely. We are committed to compliance with all principles and will collect and process data in accordance with the General Data Protection Regulation (GDPR).
Here at Cockton Hill Junior School we will achieve compliance by:
- ensuring personal data is processed lawfully, transparently, and for a specific purpose. Once the purpose is fulfilled and the data is no longer required, it will be deleted, as stipulated within our Data Retention Policy
- use the recommendations provided by ICO (Information Commissioner’s Office). Information Commissioner’s Office registration number is Z9863010
- ensure all staff are compliant through the provision of regular data protection training to all administrative, teaching and support staff as well as our governing body
- carry out due-diligence with all third party data processors
- continue to share the specific details of personal data collected in our Privacy notices which have been created for our staff, governing body, parents and pupils. The revised notices are publicly available on our website
- complete a comprehensive data mapping audit of the data that we process and store
- ensure that a data breach incident response procedure is in place
We hold personal data and use it to:
- Support Quality First Teaching and Learning
- Monitor and report on pupil progress
- Provide appropriate pastoral care
- Assess against National expectations
This information includes your child’s contact details, national curriculum assessment results, attendance information and personal characteristics such as ethnic group, any special educational needs and relevant medical information. Due to changes in privacy law, we can no longer include sensitive information such as medical conditions on any form pre-filled out. When filling out consent or data collection forms in future, please ensure you fill out any NEW AND EXISTING medical conditions or allergies etc as we will have to update our records based on what you state on the form. The same will apply to ethnicity, nationality etc. Medical conditions will include any allergies and/or food intolerance.
We will not give information about your child/children to anyone outside the school without your consent unless the law and our rules allow us to.
We are required by law to pass some information about your child to the Local Authority and the Department for Education (DfE)
Parents/guardians can assist us in preparing for GDPR by ensuring that we have the most up to date:
- address
- telephone numbers for both parents
- other emergency contact details
- email address.
Please click on the following links for further information:
