The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation which determines how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data. ‘Personal data’ means information that can identify a living individual.
The GDPR sets out the key principles that all personal data must be processed in line with.
- Data must be: processed lawfully, fairly and transparently; collected for specific, explicit and legitimate purposes; limited to what is necessary for the purposes for which it is processed; accurate and kept up to date; held securely; only retained for as long as is necessary for the reasons it was collected.
There are also stronger rights for individuals regarding their own data.
- The individual’s rights include: to be informed about how their data is used, to have access to their data, to rectify incorrect information, to have their data erased, to restrict how their data is used, to move their data from one organisation to another, and to object to their data being used at all.
The regulation has applied to all schools since 25 May 2018, and will apply even after the UK leaves the EU.
This page explains how this may effect you and your child here at St Michael’s.
Where We Store Your Data
In order for the school to be able to function appropriately and for ease of access we hold certain data on your child:
Your child’s name, date of birth, address, contact details, (as well as an emergency contact number), the Ethnic Group your child belongs to and the language that your child speaks at home. You have already given us this information when you completed your application form for your child to take a place at the school. We keep this information in paper form in your child’s file and electronically using our Management Information system (MIS).
This information is backed up every night and stored in the cloud in case of a system break down so that we can access this information again quickly. Once your child leaves the school- this information is passed up to your child’s next school in paper form and electronically using a CTF Common Transfer Form. Once this has been done all your child’s information kept in electronic form is deleted from our systems.
We keep medical information on your child which again has been given to us by you on your child’s entry to the school or if there is a change in your child’s medical/health circumstances whilst at the school. This is also stored on our MIS and is deleted once your child has left the school.
Our MIS is linked up to our data tracking assessment tool. This allows us to input your child’s assessment data whilst at St Michael’s. This is shared with you at parent evenings and in the end of year report. It is deleted once your child leaves the school. We are obliged to return this assessment data to Medway LA and to the DfE for children who have completed national assessments ie.. Early Years Foundation Profile, Year 1 phonics screening, Key stage 1 SATS ( Year 2) and KS2 SATS (Year 6).
We also hold information on your child on our MIS if your child is on the Special Needs Register which we may need for ease of access. Pupils characteristics including SEN diagnosis if applicable, spoken language etc is returned on an annual basis to the DfE as part of an annual census to allow them to determine our funding amongst other national data analysis.
Subject Access Request
As parents of children under the age of 12 years old, you have the right to access the personal data and supplementary information St Michael’s holds about your child. This allows you to be aware of, and verify the lawfulness of the school processing your child’s data.