GDPR

GDPR

Data plays a key role at Gayton: we collect and hold personal information relating to our pupils and may also receive information about them from their previous school, local authority and/or the Department for Education (DfE). We use this personal data to:

  • support our pupils’ learning
  • monitor and report on their progress
  • provide appropriate pastoral care; and
  • assess the quality of our services.

The new data protection legislation that came into effect in May 2018 provides an opportunity to refresh our policies and procedures relating to the safeguarding of data.

Data Protection Policy

Click here to view our Data Protection Policy. This outlines all key personnel and key procedures that we follow to comply with GDPR.

Privacy Notices

Privacy Notice – General                                                                                                           Privacy Notice – Pupils                                                                                                              Privacy Notice – Staff                                                                                                                    Privacy Notice – Governors                                                                                                         Privacy Notice – Track & Trace (COVID-19)

Subject Access Information

Click here to read our Subject Access Procedure. If you wish to make a request for information, please download the request form by clicking here or requesting a paper copy from the school office. At Gayton, our Data Protection Officer is John Walker, from Flint Bishop Solicitors. If you wish to make a request, please submit your form to the school office and we will pass it on to John.

Withdrawal of Consent

Consent to use your child’s information is gained from parents on entry and updated annually. Should you wish to withdraw your consent of any item on the consent forms, please download a Withdrawal of Consent form by selecting the required form below or requesting a paper copy from the school office.

Adult/Individual Consent Withdrawal Form                                                                                                Pupil Consent Withdrawal Form

Data Breach Procedure

All staff and governors must be aware of what to do in the event of a Data Protection Act/GDPR breach. Most breaches, aside from cyber-criminal attacks, occur as a result of human error. They are not malicious in origin and, if quickly reported, are often manageable. If you suspect there has been a breach, please report it to school by contacting Mrs Hill, Headteacher (head@gaytonj.derby.sch.uk).

Other Key Policies

Complaints Policy

Data Retention Policy

Confidentiality Policy