General Data Protection Regulation (GDPR)
The GDPR will apply in all EU member states from 25 May 2018. This will affect how schools manage personal data and how this is protected and shared. The EU's General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.
The Headteacher is responsible for the accuracy and safe-keeping of data. Anyone with access to your personal records is properly trained in confidentiality issues and is governed by a legal duty to keep these details secure, accurate and up to date. All information is held securely and appropriate safeguards are in place to prevent accidental loss.
Please contact the office or email the Data Protection Officer for further details.
In some circumstances we may be required by law to release details to statutory or other official bodies, for example if a court order is presented, or in the case of public educational issues. In other circumstances you may be required to give written consent before information is released – such as the educational reports for insurance, solicitors etc.
The following GDPR Policies and Procedures apply to all of the schools in the Eynsham Partnership Academy Trust.