What is GDPR?
The General Data Protection Regulation (GDPR) is a European law which came into effect on 25th May 2018.
The legislation is designed to ‘harmonise’ data privacy laws across Europe, as well as give greater protection and rights to individuals. Within the GDPR there are large changes for the public, as well as businesses and bodies that handle personal information. In essence, it is about protecting personal data and how it is used. It gives individuals greater control and say over how their personal data is used.
All schools handle a large amount of personal data. This includes information on pupils such as grades, medical information, images and much more including data on staff, governors, volunteers and job applicants.
What is Personal data?
This data is already governed by existing DPA (Data Protection Act) regulations which ensure personal data is handled lawfully. However, the GDPR has gone further and requires organisations (including schools) to document how & why they process all personal data.
What is GDPR exactly?
The GDPR is Europe's new framework for data protection laws - it replaces the previous 1995 data protection directive, which current UK law is based upon. The EU's GDPR website says the legislation is designed to 'harmonise' data privacy laws across Europe as well as give greater protection to individuals.
Please click on the links below to access copies of the Westcountry Schools Trust GDPR policies.