GDPR

The recent changes to data protection regulations came into force on 25 May 2018 to strengthen the rights of individuals to data privacy. These changes affect everyone, and every organisation, in some way. The Northworthy Trust is classed as a “data controller” and must ensure the data processors, including its schools, abide by data protection laws. Personal data is anything which means an individual can be identified. Data controllers must ensure personal data is processed lawfully, transparently, and for a specific purpose. Once that purpose is fulfilled and the data is no longer required, it should be deleted.

Schools have already been complying with the Data Protection Act 1998 and are very experienced at working within such regulations. All personal data which we need for the daily running of the school is classed as “in the public interest” and this data does not require consent. We have updated our Privacy Notices and are in the process of updating our policies, all of which are listed below. If you require any hard copies, please contact your school.

 

Privacy Notice for Pupils

Privacy Notice for Parents/Carers

Privacy Notice for Staff

Data Protection Policy

Photography Policy

Records Retention Policy

Subject Access Request Form

Parent Fact Sheet

 

Go to top