General Data Protection Regulation

14 May 2018Latest News Parent

From May 25th 2018, the General Data Protection Regulation (GDPR) comes into effect and this has implications for the way we control and process your information at school. This regulation, which affects all businesses and organisations that deal with personal information, provides you with rights and protections for how your information is handled.
These rights are:

 Transparency – being informed about how your data is processed and on what basis and who is processing
 Access – able to request the data that is held about you
 Rectification – ensuring that the data we hold about you is correct
 Portability – able to request that data be transferred to a different data controller
 Objection/Restriction/Erasure – where data is held beyond retention policies or is unlawful you can seek to
stop it being processed or removed completely.

Please be aware that most of the data we process in school is because of legal obligations, so some of these rights cannot automatically be guaranteed in a school setting.

Schools, businesses and other organisations as controllers and processors of personal information are required to process data lawfully, fairly and in a transparent manner, for specified, explicit and legitimate purposes. It must be adequate, relevant and limited to what is necessary for each purpose – think of Goldilocks, not too much, not too little, just right. Data must be accurate and kept up to date and kept only for as long as necessary. It must be processed in an appropriately secure manner. This will be set out in a privacy policy.

Axe Beacon Federation is currently ensuring that we comply fully with this regulation. In the coming days and weeks, we will be publishing our privacy policy, making transparent the information we have and who it is shared with. Most of the data we control and process in school is under a legal obligation, however we will seek clear consent for those aspects of personal data that fall outside our legal responsibilities. We have appointed Simon Lewis as our Data Protection Officer who ensures that we maintain our responsibilities in accordance with the General Data Protection Regulation (GDPR).


We will fully publish and communicate our Privacy Policy before 25th May. Parents and carers will also receive the opportunity to provide clear consent for the processing of data outside our legal duty.

Designed & developed by Hambly Freeman