DATA PROTECTION (GDPR)
Fir Ends School is a registered Data Controller with the Information Commisioner's Office (ICO).
To ensure the school complies with the General Data Protection Regulations - GDPR (25th May 2018), we use the following documents to underpin how we manage data held by the school.
- Data Protection policy and privacy notices (last update Feb 2019)
- The ICO model freedom of information & publication scheme
Acceptable Use documents for pupils can be found on the Policies page
Requesting access to personal data
Under data protection legislation, data subjects have the right to request access to information about them that we hold. In school, data subjects are typically pupils and staff.
To make a request for personal information, the data subject should contact the Data Protection Officer (DPO), using the proforma linked below.
Our DPO is Mr Gerard Barr who can be contacted at firstname.lastname@example.org
- Proforma for Data Subject Access Requests: Download
You also have the right to:
- object to processing of personal data that is likely to cause, or is causing, damage or distress;
- prevent processing for the purpose of direct marketing;
- object to decisions being taken by automated means;
- in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
- claim compensation for damages caused by a breach of the Data Protection regulations.
If you have a concern about the way we are collecting or using your personal data, including potential data breaches, we ask that you raise your concern with us in the first instance by contacting either the Headteacher or the DPO.
Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/
Other policies referenced within and linked to by the data policy include:
- Freedom of information publication scheme
- Online Safety Policy
- Acceptable use agreements
- Staff Handbook
- CCTV Policy
- Safeguarding & Child Protection policies