General Data Protection Regulation (GDPR)

 

General Data Protection Regulation (GDPR)

You may have heard that the law which manages how we use your information has changed. The new European General Data Protection Regulation (GDPR) law will come into effect on 25 May 2018. The aim of this law is to ensure all personal data is protected and organisations who work with such data are held accountable for its protection.

 

Policies and Privacy Notices

Privacy-Notice-v2.pdf

SEN-Specific-Privacy-Notice-v4.docx.pdf

Data-Protection-Policy-24-v2.pdf

Freedom-of-Information-Policy-24-v2.pdf

Information-Governance-Framework-v3.pdf

Publication-Scheme-v3.pdf

 

All individuals whose data is held by us, have a legal right to request access to such data or information about what is held. A Subject Access request Form is available for a request of data.

subject_access_request_form_1-1.pdf

 

Data Protection Officer

We have appointed a Data Protection Officer from Walsall Council to support our school with matters relating to Data Protection and the use of your personal information. Our Data Protection Officer is registered with the Information Commissioners Officer (ICO).

Data Protection Officer (DPO) : Paul Withers

                                                              Walsall Council

                                                              Darwall Street

                                                              Walsall

                                                              WS1 1TP

                                                              Tel: 01922 650000

 
The General Data Protection Regulation (GDPR) encourages organisations that are responsible for using people’s information to make sure it is clear why we need your information and how it is used. To help explain how your information is used we have published a Privacy Notice, which you can access above. 

 

Information Asset Register (IAR)

An Information Asset Register is held by school and is regularly updated.

The asset register records assets, systems and applications used for processing or storing personal data across the school. The information within this register gives assurance that the school is meeting data protection obligations.