General Data Protection Regulation

St Peter’s and Clifton CE (VC) Primary School’s Data Protection Policy has been produced to ensure compliance with the Data Protection Act 2018 (DPA), GDPR and associated legislation, and it incorporates guidance from the Information Commissioner’s Office (ICO).

The DPA gives individuals rights over their personal data and protects individuals from the erroneous use of their personal data.

St Peter’s and Clifton CE (VC) Primary School is registered with the ICO as a Data Controller for the processing of living individuals’ personal information.

St Peter’s and Clifton CE (VC) Primary School’s Data Protection Policy has been produced to ensure its compliance with the DPA 2018.

The Policy incorporates guidance from the ICO, and outlines the School’s overall approach to its responsibilities and individuals’ rights under the DPA 2018.

This Policy applies to all employees (including temporary, casual or agency staff, volunteers and contractors, consultants and suppliers working for, or on behalf of, the School), third parties and others who may process personal information on behalf of St Peter’s and Clifton CE (VC) Primary School.

The Policy also covers any staff and pupils who may be involved in research or other activity that requires them to process or have access to personal data, for instance as part of a research project or as part of professional practice activities. If this occurs, it is the responsibility of the relevant school to ensure the data is processed in accordance with the DPA 2018 and that students and staff are advised about their responsibilities. In addition, the activity should be referred to the Research Ethics Committee.