Privacy Notices/GDPR

GDPR, General Data Protection Regulations

On May 25th 2018 additional rules, often called GDPR, came into force around the use and storage of data for all organisations across the UK.

Until now, the main legislation was the Data Protection Act 1998.

There are 8 principles to the Data Protection Act of 1998:

1. Personal information must be fairly and lawfully processed

2. Personal information must be processed for limited purposes

3. Personal information must be adequate, relevant and not excessive

4. Personal information must be accurate and up to date

5. Personal information must not be kept for longer than is necessary

6. Personal information must be processed in line with the data subjects' rights

7. Personal information must be secure

8. Personal information must not be transferred to other countries without adequate protection

The General Data Protection Regulations, GDPR, add to the previous Data Protection Act from 1998.

The Six Principles of GDPR

1. Processed fairly, lawfully and in a transparent manner

2. Used for specific, explicit and legitimate purposes

3. Used in a way that is adequate, relevant and limited

4. Accurate and kept up to date

5. Kept no longer than is necessary

6. Processed in a manner that ensures appropriate security of the data

Files to Download

Ashleigh Primary School Privacy Notice April 2018 FOI Policy November 2021 Privacy Notice For Ashleigh School Governors May 2018 Privacy Notice For Ashleigh School Governors Nov 2021 Privacy Notice Policy Nov 2021