Data Protection and Privacy
The EU General Data Protection Regulation (GDPR)
On the 25th May 2018 the General Data Protection Regulation (GDPR) became applicable and subsequently the Data Protection Act (DPA) 2018 became law.
ETCHINGHAM CEP SCHOOL complies with the GDPR and Data Protection Act 2018 and is registered as a ‘Data Controller’ with the Information Commissioner’s Office (Reg. No. Z6674516). This means that the School may collect and process information about individuals, for reasons including providing teaching services, adhering to government legislation and contacting parents/carers when required.
We ensure that your personal data is processed fairly and lawfully, is accurate, is kept secure and is retained for no longer than is necessary. Personal data is information that can be used to identify an individual. It is not shared with anybody else without an individual's knowledge, unless the School is required by law to do so. An example of this is providing the government with school census information. More information on personal data is on the Information Commissioner's Office (ICO) website.
- Our Data Protection and Information Security Policy details how we adhere to individuals' legal rights.
- Our Privacy Notices include information on how and why personal data is used for different Data Subjects.
- Our Pupil Images Policy details how we manage the consent for, and use of, images.
- Data Protection Policy Riverside Federation March 2021 v1 Final
- Easy Read Privacy Notice September 2021 Etchingham CEPS
- GDPR Governors Volunteers Privacy Notice September 2021 Etchingham CEPS
- GDPR School Workforce Privacy Notice September 2021 Etchingham
- GDPR Privacy Notice for Schools Pupils Parents Carers September 2021 Etchingham
- Riverside Federation Data in Transit policy March 2021
- Riverside Federation Pupils images Policy October 2020
- Riverside Federation Special Category Data Policy October 2019