St Christopher's C of E (Primary) Multi Academy Trust

Interactive bar

Google Services

Search
Language
 

GDPR/Privacy Notice

Data protection legislation sets out rules and standards for the use and handling (‘processing’) of information (‘personal data’) about living identifiable individuals (‘data subjects’) by organisations (‘data controllers’).

The law applies to organisations in all sectors, both public and private.  It applies to all electronic records as well as many paper records. It doesn’t apply to anonymous information or to information about the deceased.

Until 24 May 2018, the legislation in the UK is the Data Protection Act 1998 (DPA 1998).  From 25 May 2018, this will be replaced by the EU General Data Protection Regulation (GDPR).

 

Principles

Data controllers processing personal data must follow – and be able to demonstrate that they are following – the data protection principles.

Under the GDPR, there are six principles.  Personal data must be processed following these principles so that the data is:

  1. Processed fairly, lawfully and transparently – and only if there is a valid ‘legal basis’ for doing so
  2. Processed only for specified, explicit and legitimate purposes
  3. Adequate, relevant and limited
  4. Accurate (and rectified if inaccurate)
  5. Not kept for longer than necessary
  6. Processed securely – to preserve the confidentiality, integrity and availability of the personal data

 

Lawful Basis for Processing

The Trust must have a lawful basis for processing personal information, which are:

  • Consent
  • Contract
  • Legal obligation
  • Vital interests
  • Public task
  • Legitimate interest

 

Withdrawal of Consent

If the Trust has used consent as the lawful basis for processing personal information you have the right to withdraw this consent at any time. If you would like to withdraw your consent, please contact the Trust Data Protection Officer at jo.wilkey@stcmat.org

 

Privacy Notices

An important aspect of complying with data protection legislation is being open and transparent with individuals about how their personal data will be used.  This is achieved through the publication of privacy notices.

 

Subject Access Requests

An individual has the right to put in a request to access their personal information.

 

Data breaches

One of the most important accountability obligations concerns personal data breaches – that is, personal data held by the Trust is lost, stolen, inadvertently disclosed to an external party, or accidentally published.  If this occurs, this will be immediately reported to the Data Protection Officer at jo.wilkey@stcmat.org

Remedial work can then be done so that the breach can be contained. On occasion, we need to report breaches to relevant external authorities, including the ICO, within a short timeframe.

 

Policy

The Trust Data Protection Policy can be found below.

Join Our MAT

St Christopher's Multi Academy Trust welcomes contact from individual Church schools or groups of Church schools considering conversion to academy status.

Join Our Team

The St Christopher's Multi Academy Trust senior management team take responsibility for the day to day running of the Trust and each member academy in partnership with the Head Teacher.

Our Academies

Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website
Visit Academy Website

Quote

God is not unjust; he will not forget your work and the love that you have shown him as you have helped his people and continue to help them.” Hebrews 6:10

Quick Access

St Christopher’s Multi Academy Trust

St Christopher’s Multi Academy Trust

Top