The EU's General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.
Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.
The Headteacher, working closely with the GDPR officer from the Marlow Education Trust, is responsible for the accuracy and safe-keeping of data. Please help to keep your child’s records up to date by informing us of any change of circumstances.
School staff have access to your child’s records to enable them to do their jobs. From time to time information may be shared with others involved in your child’s care, if it is necessary. Anyone with access to your child’s records is properly trained in confidentiality issues and is governed by a legal duty to keep their details secure, accurate and up to date.
All information about your child is held securely and appropriate safeguards are in place to prevent accidental loss.
In some circumstances we may be required by law to release your child’s details to statutory or other official bodies, for example if a court order is presented, or in the case of public educational issues. In other circumstances you may be required to give written consent before information is released – such as the educational reports for insurance, solicitors etc.
To ensure your child’s privacy, we will not disclose information over the telephone or fax unless we are sure that we are talking to you – the parent/carer. Information will not be disclosed to family and friends unless we have prior written consent and we do not leave messages with others.