What is GDPR?
GDPR stands for General Data Protection Regulation. It has been developed by the European Parliament, with the aim of strengthening and standardising data protection laws for individuals within the European Union.
It is designed to simplify and unify data protection laws across all countries in the EU (including UK even after Brexit).
The regulation is enforceable from 25 May 2018, at which point businesses need to ensure they are fully compliant.
What data is covered by GDPR?
GDPR applies to ‘personal data’ and ‘sensitive personal data’, but not to ‘business data’;
Peraonal Data is any information that allows a person to be directly or indirectly identified. The obvious fields of “personal data” are names and identity numbers, but factors such as location and online identifiers (e.g. firstname.lastname@example.org) also count under the ICO definition.
Our Commitment to GDPR
GDPR (General Data Protection Regulations)
In line with the updated General Data Protection Regulations coming into effect on 25th May 2018, we have adapted our Parental Consent Form to reflect the additional consent we now require for pupils. The General Data Protection Regulation replaces the Data Protection Act; which is designed to strengthen and unify the safety and security of all data held within an organization.
Requesting access to your personal data
Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Mrs Charlotte Hall (Data Protection Lead) Hintonstgeorge@educ.somerset.gov.uk
You also have the right to:
- object to processing of personal data that is likely to cause, or is causing, damage or distress
- prevent processing for the purpose of direct marketing
- object to decisions being taken by automated means
- in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
- claim compensation for damages caused by a breach of the Data Protection regulations
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/