GDPR
GDPR (General Data Protection Regulations)
The General Data Protection Regulation replaces the Data Protection Act; which is designed to strengthen and unify the safety and security of all data held within an organisation.
DATA PROTECTION PRINCIPLES
The data protection principles are:
Requesting access to your personal data
Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Mrs Lisa Thompson (Data Protection Lead)
You also have the right to:
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
If you would like to discuss anything in this privacy notice, please contact: Amy Brittan, School Development Officer, Somerset LA – dposchools@somerset.gov.uk
UPDATE
Brexit and data protection
The UK has now officially left the EU, and laws about international data transfers have changed.
The UK is yet to be granted an ‘adequacy decision’ by the EU which will allow data to flow without additional safeguards. However, the UK and EU have put a temporary arrangement in place, detailed within the UK-EU Trade and Cooperation Agreement which came into force on 1st January 2021.
This allows the current transitional arrangement to continue. Personal data can continue to flow from the EU/EEA to the UK for up to six months, on the condition that the UK makes no major changes to its data protection laws. This gives the EU Commission time to consider granting an adequacy decision to the UK.
The UK has retained the General Data Protection Regulation in domestic law, and GDPR in the UK is retitled ‘UK GDPR’.
Once the additional transitional arrangement has concluded, we will provide updated documentation.