General Data Protection Regulation
The law on data protection in the UK changed on the 25 May. This new act, the Data Protection Act 2018, applies the Europe-wide General Data Protection Regulation (GDPR) to the UK. This will not be changed by Brexit.
The new rules are designed to take account of the massive changes in data use since the Data Protection Act 1998.
Our school has published a new privacy notice (see below) and other documents as required to fit the new rules; we are still working to change all the various documents and processes over the next few months.
This may include having to ask you for consent for some things where we do not have another basis for processing and don’t already have a suitable consent; if you do not respond we will assume you do not consent as required by the “opt-in” regulations in the new law. Most processing in schools is governed by various laws so doesn’t need a separate consent, but this is not always the case.
The new rules change the rights that you have in respect of your data. For further information on this, please see the ICO website https://ico.org.uk. The rights are:
Our school has appointed a Data Protection Officer (DPO), who you can contact via email or post if, for example, you have an issue with our handling of your data that our school has not been able to assist you with. The DPO acts for a number of schools, so please ensure that you identify our school when contacting to avoid delays:
Data Protection Officer Schools
London Borough of Enfield
The council also holds data relating to schools and pupils for their statutory duties. You can find their privacy statement online at https://new.enfield.gov.uk/privacy-notice.
The new rules are intended to give you better control and understanding of what we do with your information; they will not in any way interfere with the provision of your child’s education.