EtchinghamData Protection and Privacy
The EU General Data Protection Regulation (GDPR)
On the 25th May 2018 the General Data Protection Regulation (GDPR) became applicable and subsequently the Data Protection Act (DPA) 2018 became law.
Data Controller
ETCHINGHAM CEP SCHOOL complies with the GDPR and Data Protection Act 2018 and is registered as a ‘Data Controller’ with the Information Commissioner’s Office (Reg. No. Z6674516). This means that the School may collect and process information about individuals, for reasons including providing teaching services, adhering to government legislation and contacting parents/carers when required.
We ensure that your personal data is processed fairly and lawfully, is accurate, is kept secure and is retained for no longer than is necessary. Personal data is information that can be used to identify an individual. It is not shared with anybody else without an individual's knowledge, unless the School is required by law to do so. An example of this is providing the government with school census information. More information on personal data is on the Information Commissioner's Office (ICO) website.
- Our Data Protection and Information Security Policy details how we adhere to individuals' legal rights.
- Our Privacy Notices include information on how and why personal data is used for different Data Subjects.
- Our Pupil Images Policy details how we manage the consent for, and use of, images.
- Data Protection Policy Riverside Federation May 2023 v1 Final
- Freedom of Information Policy Riverside Federation April 2022
- Freedom of Information Publication Scheme Riverside Federation April 2022
- GDPR Governors Volunteers Privacy Notice May 2023 Etchingham CEPS
- GDPR School Workforce Privacy Notice May 2023 Etchingham
- GDPR Privacy Notice for Schools Pupils Parents Carers May 2023 Etchingham
- Riverside Federation Data in Transit policy March 2021
- Riverside Federation Special Category Data Policy October 2021
