All staff within Hemington Primary School take their UK GDPR obligations very seriously and is therefore a main priority across our school.
We are committed to protecting and respecting the confidentiality of sensitive information relating to staff, pupils, parents and governors.
Please see below our policies and procedures which set out how your and your child’s data is securely kept and processed within school.
Our Data Protection Lead in School is the Co-headteacher, Mrs A Reay For specific requests and information, please contact the school office via [email protected]
Our Data Protection Officer (DPO) is Manjit Heer who can be contacted by email; [email protected]
Hemington Primary School is required to keep and process certain information about its staff members and pupils in accordance with its legal obligations under the General Data Protection Regulation (GDPR). The school may, from time to time, be required to share personal information about its staff or pupils with other organisations, mainly the LA, other schools and educational bodies, and potentially children’s services. Organisational methods for keeping data secure are imperative, and we believe that it is good practice to keep clear practical policies, backed up by written procedures. Consent As a school we will seek consent from staff, volunteers, young people, parents and carers to collect and process their data. We will be clear about our reasons for requesting the data and how we will use it. There are contractual, statutory and regulatory occasions when consent is not required. We may process personal and sensitive data without consent if another provision applies. Consent is defined by the UK GDPR as “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”. We may seek consent from young people also, and this will be dependent on the child and the reason for processing. Pupils over 13 can give or withdraw consent. Consent and Renewal On the school website (see below), we have ‘Privacy Notices’ that explain how data is collected and used. It is important to read those notices as it explains how data is used in detail. Obtaining clear consent and ensuring that the consent remains in place is important for the school. We also want to ensure the accuracy of that information. When a pupil joins us, part of the process is to seek consent. This information is retained electronically. If there are any changes, please inform us. There will be reminders about the need to update us throughout the school year. For Pupils and Parents/Carers On arrival at school, you will be asked to complete a form giving next of kin details, emergency contact and other essential information. We will also ask you to give consent to use the information for other in-school purposes, as set out on the data collection/consent form. Pupil consent procedure Where processing relates to a child under 13 years old, the school will obtain consent from a person who has parental responsibility for the child. Pupils may be asked to give consent or to be consulted about how their data is obtained, shared and used in certain situations. Withdrawal of Consent Consent can be withdrawn, subject to contractual, statutory or regulatory constraints. Where more than one person can provide or withdraw consent, the school will consider each situation on the merits and within the principles of UK GDPR and also child welfare, protection and safeguarding principles. Please complete the appropriate form obtained from the school office Please see https://ico.org.uk/ for further information on the above rights. You may also contact the school Data Protection Lead for further information. Please see links below to policies in relation to GDPR:
