Yardley Primary School is committed to protecting the privacy and security of personal information. We are the ‘data controller’ for the purposes of data protection law. We collect and use personal information, in accordance with the UK General Data Protection Regulation (UK GDPR), section 537A of the Education Act 1996 and section 83 of the Children Act 1989.
The personal data we hold is used to support your child's learning, monitor and report on pupil progress, provide appropriate pastoral care, safeguard pupils and families, protect pupil welfare, administer admissions waiting lists, carry out research and comply with the law regarding data sharing.
Following Brexit, Regulation (EU) 2016/679, General Data Protection Regulation (GDPR) is retained EU law and known as UK GDPR. The UK GDPR sits alongside an amended version of the Data Protection Act 2018 that relates to general personal data processing, powers of the Information Commissioner and sanctions and enforcement. The GDPR as it continues to apply in the EU is known as EU GDPR.
Our standards relating to data protection and security have reached a level where we have been awarded the School Data Protection Award from our Data Protection Officer (DPO), Judicium Education.
The award was introduced by Judicium Education to recognise schools that have made genuine improvements and/or attain high standards of compliance with the relevant statutory requirements and guidance related to data protection.
Our last data protection audit was in December 2021 and we were able to once again demonstrate our firm commitment to data protection in school.
How we process, use and store personal data
Data Protection Policy
This policy is intended to ensure the safety and security of any material of a personal or sensitive nature we collect and store.
Data Breach Policy
This policy ensures that we deal with any data breaches that may occur quickly and effectively.
Data Retention Policy
This policy ensures that we maintain our records and record keeping systems and store data for the appropriate amount of time.
Freedom of information
Freedom Of Information Policy
This policy is intended to ensure we provide appropriate information to the public and respond to requests where necessary.
ICO Model Publication Scheme
All public authorities, including schools, are required under the Freedom of Information Act to adopt a publication scheme that has been approved by the Information Commissioner. There is currently one approved model publication scheme, which has been produced by the Information Commissioner’s Office (ICO). Schools must adopt the ICO’s model scheme and make it publicly available.
Our Publication Scheme
Alongside the model publication scheme, schools should publish their own publication scheme.
Subject access requests
Subject Access Request Policy
Individuals have a general right to find out whether the School hold or process personal data about them, to access that data, and to be given supplementary information. This is known as the right of access, or the right to make a data subject access request (SAR). The purpose of the right is to enable the individual to be aware of, and verify, the lawfulness of the processing of personal data that the School are undertaking. This policy outlines how to make a subject access request and how school handles them.