GDPR New Regulations
General Data Protection Regulation – GDPR
How will it affect our college and what will the changes
mean for students and parents?
The GDPR is new legislation regarding the maintenance and protection of your personal data by those who have a lawful basis to process it.
Painsley Catholic MAC’s lawful basis is ‘Public task’. This is because the processing is necessary for our official functions. For processing of additional data we will always ask your consent e.g. photography consent, trip consent etc. This is normally done at the start of the school year.
The new regulation means that you have greater control of the data we hold. For example, you have the right
· for data to be rectified e.g. if you change address, phone number etc. you can let us know and we’ll update our
- to request what information we hold about you.
In line with the new regulations, schools in the Painsley Catholic MAC have audited all the data which is held about students, parents, staff, teaching school members and third parties. By doing this we can see exactly what data we have, who it can be shared with, who has access to it, the security in place and when and the data can be securely destroyed.
Before working with any new system schools in the Painsley Catholic MAC will follow our new Data Impact Assessment. By using this, it helps us to see whether the processing of the data is necessary, whether additional consent is required and to ensure it is held securely.
To ensure accountability and transparency, all organisations must now appoint a Data Protection Officer. This must be someone who does not work with the data in our school as this would create a conflict of interest. Therefore, our Data Protection Officer will be Mrs Baskeyfield, MAC Business Manager who is based at Painsley Catholic College.
The protection of all our data is taken very seriously and as such the school limits the data that is available to individual staff on the basis of their role. Any breach of data protection will be fully investigated and the Information Commissioners Office will be informed as per GDPR guidelines.
Attached to this letter you will find our new consent for photographs/inclusion in newsletter form. This sheet must be completed, signed and returned to the school. That way we can ensure that your consent data is correct and up to date.
Our new GDPR policy, Data Impact Assessment, Fair Processing Notices and other associated documents will soon be on our website where you can find more information about what we are doing to stay GDPR compliant. If you have any questions please contact Mrs Baskeyfield firstname.lastname@example.org or telephone 01538 714944.