General Data Protection Regulation (GDPR)
Controller- Mrs E Floyd/Mrs S Keen
Governors: Mr N Kirton and Mrs E Briers
Processors - Everyone
Data Protection Officer - Mr N Kirton and Mrs E Briers
Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact
Mrs S Keen, Data Administrator admin@broadhinton.wilts.sch.uk.
The Data Protection Act 1998
- Personal information must be fairly and lawfully processed
- Personal information must be processed for limited purposes
- Personal information must be adequate, relevant and not excessive
- Personal information must be accurate and up to date
- Personal information must not be kept for longer than is necessary
- Personal information must be processed in line witht he data subjects' rights
- Personal information must be secure
- Personal information must not be transferred to other countries without adequate protection.
GDPR principles - demonstrate compliance
1. Processed lawfully, fairly and in a transparent manner
2. Collected for specified, explicit and legitamate purpose
3. Adequte, relevant and limited to what is necessary
4. Accurate and, where necessary, kept up to date
5. Retained only for as long as necessary
6. Processed inan appropriate manner to maintain security.