GDPR | General Data Protection Regulations
GDPR stands for: General Data Protection Regulation. The Sovereign Trust (Longford Park School, Manor Academy, New Park Academy and Pictor Academy) work within the guidance of the United Kingdom General Data Protection Act 2020 (UK-GDPR).
The Sovereign Trust follows the UK-GDPR and uses this as a benchmark for its standards of protection for the personal data of pupils, parents and staff. It ensures that its policy for data protection is used as the basis for collecting, storing, accessing, sharing and deleting personal data.
Objectives
1. To ensure that decision makers and key people in school comply with the statutory sections of current UK-GDPR regulations.
2. To ensure that there will be regular reviews and audits of the information we hold to ensure that we fully meet the UK-GDPR statutory requirements.
3. To document the personal data we hold, where it came from and with whom it will be shared.
4. To ensure that data collection, data handling, data storage and data disposal procedures are in line with the UK-GDPR and cover all the rights individuals have, including how personal data is deleted and destroyed.
Strategies
1. Data access request procedures will be handled within the timescales set out in the UK-GDPR and we provide any additional information in line with the _UK-GDPR guidance.
2.The processing of personal data will be carried out on a lawful basis as required by the UK-GDPR.
3. Where the school needs to seek consent, it will do so in a manner that meets UK-GDPR standards.
4. Any records of consent and the management of the process for seeking consent will also meet the UK-GDPR standard.
5. Where there is a personal data breach the procedures used to detect, report and investigate it will meet the requirements of the UK-GDPR.
6. The systems the school puts into place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity will meet the standard set in the UK-GDPR.
7. Data protection by design and data protection impact assessments will meet with the ICO’s code of practice on privacy impact assessments as well as with the latest guidance.
8. The school will have a Data Protection Officer who will be given responsibility for data protection compliance.
9. When the school requests data we will provide appropriate privacy notices to explain why data is being collected and under which legal basis, and the purposes for which it is used.
Outcomes
UK-GDPR is met by The Sovereign Trust as the basis for collecting, storing, accessing, sharing and deleting personal data. Data is processed fairly, lawfully and in a transparent manner.
It is used for specified, explicit and legitimate purposes in a way that is adequate, relevant and limited. It is accurate, kept up to date and kept no longer than is necessary. Data is processed in a manner that ensures appropriate security of the data.
Data Protection Policy
Further details of how the Trust complies with the UK-GDPR regulations are included in the Trusts Data Protection Policy, located within the Policies page of this website.
Privacy Notices
If you would like more information about GDPR, please contact our Central Team on 0161 532 3250
For correspondence details of the Trusts DPO, please visit our Contact-Us page.