General Data Protection Regulations 2018

General Data Protection Regulations 2018

The General Data Protection Regulation 2018 controls how your personal and sensitive information is used by organisations, businesses and the government. It applies to all countries covered by EU law.

Everyone responsible for processing data (ie anything done to or with the data including collecting, storing or deleting it) has to follow strict guidelines called ‘data protection principles. They must make sure the information is

  • Used fairly, lawfully and in a transparent way
  • Used for specific, explicit and legitimate purposes
  • Used in a way that is adequate, relevant and limited to what is necessary
  • Accurate
  • Kept for no longer than is absolutely necessary
  • Handled according to people’s data protection rights
  • Handled in a safe and secure way
  • Not transferred outside the European Economic Area without adequate protection

 

The Freedom of Information Act 2000

The Freedom of Information Act 2000 provides public access to information held by public authorities.

It does this in two ways:

  • public authorities are obliged to publish certain information about their activities; and
  • members of the public are entitled to request information from public authorities.

The Act covers any recorded information that is held by a public authority in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland. Information held by Scottish public authorities is covered by Scotland’s own Freedom of Information (Scotland) Act 2002.

Public authorities include government departments, local authorities, the NHS, state schools and police forces. However, the Act does not necessarily cover every organisation that receives public money. For example, it does not cover some charities that receive grants and certain private sector organisations that perform public functions.

Recorded information includes printed documents, computer files, letters, emails, photographs, and sound or video recordings.

The Act does not give people access to their own personal data (information about themselves) such as their health records or credit reference file. If a member of the public wants to see information that a public authority holds about them, they should make a subject access request under the General Data Protection Regulation 2018 .

Privacy Notice – General Data Protection Regulations 2018

We Portland Academy are a data controller for the purposes of the General Data Protection Regulation. We collect information from you and may receive information about you from your previous school and the Learning Records Service. We hold this personal data and use it to:

  • Support your teaching and learning;
  • Monitor and report on your progress;
  • Provide appropriate pastoral care, and
  • Assess how well your school is doing.

This information includes your contact details, national curriculum assessment results, attendance information and personal characteristics such as your ethnic group, any special educational needs and relevant medical information. If you are enrolling for post 14 qualifications we will be provided with your unique learner number (ULN) by the Learning Records Service and may also obtain from them details of any learning or qualifications you have undertaken.

We will not give information about you to anyone outside the school without your consent unless the law and our rules allow us to.

We are required by law to pass some information about you to the Local Authority and the Department for Education (DfE)

If you want to see a copy of the information about you that we hold and/or share, please contact the school office.

If you require more information about how the Local Authority (LA) and/or DfE store and use your information, then please go to the following websites:

https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

If you are unable to access these websites we can send you a copy of this information. Please contact the LA or DfE as follows:

In addition for Secondary and Middle deemed Secondary Schools

Once you are aged 13 or over, we are required by law to pass on certain information to the provider of youth support services in your area. This is the local authority support service for young people aged 13 to 19 in England. We must provide the address of you and your parents (and your date of birth) and any further information relevant to the support services’ role.

However, until you are aged 16 or older, your parent(s) can ask that no information beyond your name, address and date of birth (and their name and address) be passed on to the youth services provider. This right transfers to you on your 16th birthday. Please inform the Business Support staff in main reception if this is what you or your parents wish.

For more information about young peoples’ services, please go to the Directgov Young People page at www.direct.gov.uk/en/YoungPeople/index.htm or the LA website shown above.