01460 72653

School Office

08:30 - 16:00

Mon to Fri

‘Let your light shine’

(Matthew 5:16)


What is GDPR?

GDPR stands for General Data Protection Regulation. It has been developed by the European Parliament, with the aim of strengthening and standardising data protection laws for individuals within the European Union.

It is designed to simplify and unify data protection laws across all countries in the EU (including UK even after Brexit).

The regulation is enforceable from 25 May 2018, at which point businesses need to ensure they are fully compliant.

Data Protection Policy

What data is covered by GDPR?

GDPR applies to ‘personal data’ and ‘sensitive personal data’, but not to ‘business data’;

Peraonal Data is any information that allows a person to be directly or indirectly identified. The obvious fields of “personal data” are names and identity numbers, but factors such as location and online identifiers (e.g. jame.smith@school.com) also count under the ICO definition.

Our Commitment to GDPR

GDPR (General Data Protection Regulations)

In line with the updated General Data Protection Regulations coming into effect on 25th May 2018, we have adapted our Parental Consent Form to reflect the additional consent we now require for pupils. The General Data Protection Regulation replaces the Data Protection Act; which is designed to strengthen and unify the safety and security of all data held within an organization.

Parents and Pupils Privacy Notice

Recruitment Privacy Notice

Workforce privacy Notice

Governor Privacy Notice

Requesting access to your personal data

Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Mrs Charlotte Hall (Data Protection Lead) Office@HSGSchool.co.uk

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/


The ICO guidance on GDPR

Freedom of Information