What is the GDPR?
The GDPR is a set of guidelines for the collection and processing of personal information of individuals within the EU and is effective in the UK from 25 May 2018 – replacing the Data Protection Act (DPA) 1998.
Accountability and governance
Under the GDPR, schools are expected to have comprehensive and proportionate governance measures in place to minimise the risk of data breaches. Schools should:
• Implement internal data protection policies, e.g. staff training
• Maintain relevant documentation and processing activities.
• Appoint an appropriate DPO.
• Implement measures that meet the principles of data protection by de-fault, including data minimisation and transparency.
• Use data protection impact assessments where appropriate.
The DPO for St Luke Academies Trust is Nathalie Young
Any questions that you have regarding the GDPR can be directed to Nathalie using firstname.lastname@example.org or 01536 203251
Please click on the links below for more information and to view these policies.
Data Breach Procedure
Governor Director Privacy Notice
Pupil and Family Privacy Notice
SLAT Workforce Privacy Notice
School Workforce privacy notice