Data Protection

Yardley Primary School is committed to protecting the privacy and security of personal information. We are the ‘data controller’ for the purposes of data protection law. We collect and use personal information, in accordance with the UK General Data Protection Regulation (UK GDPR), section 537A of the Education Act 1996 and section 83 of the Children Act 1989.

The personal data we hold is used to support your child's learning, monitor and report on pupil progress, provide appropriate pastoral care, safeguard pupils and families, protect pupil welfare, administer admissions waiting lists, carry out research and comply with the law regarding data sharing.

Following Brexit, Regulation (EU) 2016/679, General Data Protection Regulation (GDPR) is retained EU law and known as UK GDPR. The UK GDPR sits alongside an amended version of the Data Protection Act 2018 that relates to general personal data processing, powers of the Information Commissioner and sanctions and enforcement. The GDPR as it continues to apply in the EU is known as EU GDPR.

How we process, use and store personal data

Data Protection Policy.pdf

Data Protection Policy

This policy is intended to ensure the safety and security of any material of a personal or sensitive nature we collect and store.

Data Breach Policy.pdf

Data Breach Policy

This policy ensures that we deal with any data breaches that may occur quickly and effectively.

Data Retention Policy.pdf

Data Retention Policy

This policy ensures that we maintain our records and record keeping systems and store data for the appropriate amount of time.

Freedom of information

Freedom Of Information Policy.pdf

Freedom Of Information Policy

This policy is intended to ensure we provide appropriate information to the public and respond to requests where necessary.

Freedom Of Information - ICO Model Publication Scheme.pdf

ICO Model Publication Scheme

All public authorities, including schools, are required under the Freedom of Information Act to adopt a publication scheme that has been approved by the Information Commissioner. There is currently one approved model publication scheme, which has been produced by the Information Commissioner’s Office (ICO). Schools must adopt the ICO’s model scheme and make it publicly available.

Freedom Of Information Publication Scheme.pdf

Our Publication Scheme

Alongside the model publication scheme, schools should publish their own publication scheme.

Subject access requests

Subject Access Request Policy.pdf

Subject Access Request Policy

Individuals have a general right to find out whether the School hold or process personal data about them, to access that data, and to be given supplementary information. This is known as the right of access, or the right to make a data subject access request (SAR). The purpose of the right is to enable the individual to be aware of, and verify, the lawfulness of the processing of personal data that the School are undertaking. This policy outlines how to make a subject access request and how school handles them.