Statement Of Compliance
KING’S FARM SCHOOL: STATEMENT OF COMPLIANCE
The UK General Data Protection Regulation (GDPR) is a privacy and data protection regulation in the United Kingdom. It is based upon the European Union GDPR which came into effect on May 25 2018.
The GDPR imposes obligations on organisations that control or process personal data and introduces and reinforces rights and protections for UK and EU citizens.
We are committed to ensuring that the privacy of you and your child/children are protected. We strictly adhere to the provisions of all relevant Data Protection Legislation, including GDPR, ensuring all personal data is handled in line with the principles outlined in the regulation that state:
Personal data shall be:
- 1. Processed lawfully, fairly and in a transparent manner in relation to the data subject
- 2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- 3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- 4. Accurate and, where necessary, kept up to date
- 5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
- 6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
King’s Farm Primary School respects the rights to data privacy and protection of our learners and their family members and as such we are continually revising our internal policies, procedures, working practices in order to meet the requirements of the GDPR.
Data subjects have the right to access information kept about them by King’s Farm Primary School. Our appointed Data Protection Officer (DPO) is responsible for dealing with data subject access requests. We promise to accommodate the revised 30-day timeframe for providing the requested information, subject to the correct circumstances; we are aware of the circumstances when we can extend the time limit to respond to a request. We also understand when to consider if a request includes information regarding others and any implications this may have.
Where we use any third-party to process personal information on our behalf (i.e., service providers, data hosting etc.), every care has been taken to ensure all parties are compliant with the GDPR and are aligned to King’s Farm’s ongoing commitment. These measures have included initial and ongoing reviews of the service provided, the necessity of the processing activity, the technical and organisational measures in place and compliance with the GDPR
We place a high priority on protecting and managing data in accordance with accepted standards and indeed helping our pupils learn in an environment that recognises and respects their rights as individuals.
King’s Farm Primary School are committed to compliance with the GDPR as a controller of personal data and have employed a Data Protection Officer (DPO) to ensure compliance on an ongoing basis.