GDPR Statement for Parents/Carers and Pupils
We take your privacy very seriously and work to the highest standard to keep your data safe. The General Data Protection Regulation (GDPR), came into force on the 25th May 2018, and it provides all of our stakeholders with an opportunity to reflect upon the measures that we have in place to protect data.
We are committed to comply with all relevant EU and Member State laws in respect of personal data. We are also committed to the protection of the rights and freedoms of individuals whose information we collect and process in accordance with the General Data Protection Regulation (GDPR). Ongoing compliance is embedded in all processes and policies throughout Albany Village Primary School.
Who is responsible for Personal Data?
Under the GDPR, Albany Village Primary School is a Data Controller, a Data Processor, or both. Our role differs depending on how we use the data collection and handling process.
Under GDPR as a Data Controller we define how and why personal data is collected, stored, and used. We also utilise data processors – third parties that process the data we control on your behalf.
Albany Village Primary School will achieve compliance by ensuring personal data is processed lawfully, transparently, and for a specific purpose. Once the purpose is fulfilled and the data is no longer required it will be deleted, as stated within our Data Retention Policy.
Albany Village Primary School already complies with existing legislation, the Data Protection Act 1998, and school is experienced at working within such regulations. However, under GDPR it is necessary to make some changes to policies and procedures.
We are registered with the Information Commissioner's Office as Data Processor
If you would like to read more about GDPR, the following video on YouTube, provides an excellent visual story of a school’s GDPR journey.