Data Protection

Data Protection Act 1998

The Data Protection Act 1998 controls how your personal information is used by organisations, businesses or the government.

Everyone responsible for using data has to follow strict rules called ‘data protection principles’. They must make sure the information is:

  • used fairly and lawfully
  • used for limited, specifically stated purposes
  • used in a way that is adequate, relevant and not excessive
  • accurate
  • kept for no longer than is absolutely necessary
  • handled according to people’s data protection rights
  • kept safe and secure
  • not transferred outside the European Economic Area without adequate protection

The Freedom of Information Act 2000

The Freedom of Information Act 2000 provides public access to information held by public authorities.

It does this in two ways:

  • public authorities are obliged to publish certain information about their activities; and
  • members of the public are entitled to request information from public authorities.

The Act covers any recorded information that is held by a public authority in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland. Information held by Scottish public authorities is covered by Scotland’s own Freedom of Information (Scotland) Act 2002.

Public authorities include government departments, local authorities, the NHS, state schools and police forces. However, the Act does not necessarily cover every organisation that receives public money. For example, it does not cover some charities that receive grants and certain private sector organisations that perform public functions.

Recorded information includes printed documents, computer files, letters, emails, photographs, and sound or video recordings.

The Act does not give people access to their own personal data (information about themselves) such as their health records or credit reference file. If a member of the public wants to see information that a public authority holds about them, they should make a subject access request under the Data Protection Act 1998.

Privacy Notice – Data Protection Act 1998

We Portland Academy are a data controller for the purposes of the Data Protection Act. We collect information from you and may receive information about you from your previous school and the Learning Records Service. We hold this personal data and use it to:

  • Support your teaching and learning;
  • Monitor and report on your progress;
  • Provide appropriate pastoral care, and
  • Assess how well your school is doing.

This information includes your contact details, national curriculum assessment results, attendance information and personal characteristics such as your ethnic group, any special educational needs and relevant medical information. If you are enrolling for post 14 qualifications we will be provided with your unique learner number (ULN) by the Learning Records Service and may also obtain from them details of any learning or qualifications you have undertaken.

We will not give information about you to anyone outside the school without your consent unless the law and our rules allow us to.

We are required by law to pass some information about you to the Local Authority and the Department for Education (DfE)

If you want to see a copy of the information about you that we hold and/or share, please contact the school office.

If you require more information about how the Local Authority (LA) and/or DfE store and use your information, then please go to the following websites:

https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

If you are unable to access these websites we can send you a copy of this information. Please contact the LA or DfE as follows:

In addition for Secondary and Middle deemed Secondary Schools

Once you are aged 13 or over, we are required by law to pass on certain information to the provider of youth support services in your area. This is the local authority support service for young people aged 13 to 19 in England. We must provide the address of you and your parents (and your date of birth) and any further information relevant to the support services’ role.

However, until you are aged 16 or older, your parent(s) can ask that no information beyond your name, address and date of birth (and their name and address) be passed on to the youth services provider. This right transfers to you on your 16th birthday. Please inform the Business Support staff in main reception if this is what you or your parents wish.

For more information about young peoples’ services, please go to the Directgov Young People page at www.direct.gov.uk/en/YoungPeople/index.htm or the LA website shown above.