GDPR Compliance

What is the GDPR (General Data Protection Regulation)?

Europe is now covered by the world's strongest data protection rules. The mutually agreed General Data Protection Regulation (GDPR) came into force on May 25, 2018, and was designed to modernise laws that protect the personal information of individuals. To meet the General Data Protection Regulation (GDPR), all organisations handling personal data, including schools, need to have the right governance measures.

Privacy Notices

We collect and hold personal information relating to our pupils and may also receive information about them from their previous school, local authority and/or the Department for Education (DfE).

We use this personal data to:

  • support our pupils’ learning
  • monitor and report on their progress
  • provide appropriate pastoral care; and
  • assess the quality of our services

Our Pupil and Staff Privacy Notices explain how and why data is used, as well as how you can view data we have about you or your child.

Copy of Privacy Notice for Staff
Copy of Privacy Notice for Pupils

General Data Protection Policy

Copy of General Data Protection Policy

St Andrew’s and St Mark’s Church of England Junior School needs to keep certain information about its employees, students and other users to allow it to monitor performance, achievements, and health and safety. It is also necessary to process information so that staff can be recruited and paid, courses organised and legal obligations to funding bodies and government complied with. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.

The headteacher and governors of the school will comply fully with the requirements and principles of the General Data Protection Regulation (2018). All staff involved with the collection, processing and disclosure of personal data are aware of their duties and responsibilities within the guidelines established by the Act. The school has privacy notices for staff and pupils that outline the reasons why data is collected, used and stored. Our General Data Protection Policy can be viewed here:


Subject Access Requests

The flowchart below details how the school handles requests for information. All requests for data must be received in writing.

Copy of Subject Access Request Procedure