Data Protection and the GDPR – January 2021
As the UK transitional arrangements expired on 31 December 2020, there are some practical changes for Data Protection and the GDPR.
To comply with the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 please note that every policy, notice and procedural guide that refers to ‘GDPR’ shall now be read as ‘UK GDPR’.
The rights, responsibilities and data protection that the Data Protection Act 2018 and the GDPR are not changed. Our procedures and arrangements will not change.
If you have any queries please contact firstname.lastname@example.org
What is the General Data Protection Regulation? (GDPR)
The GDPR is a new regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union, aiming to give control back to citizens and residents over their personal data.
The GDPR comes into effect from 25th May 2018.
Taking data security and privacy seriously
At Tudor Grange Academies Trust, we take data security and privacy extremely seriously and believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights, as such we are committed to maintaining compliance with the GDPR.
We are the first Multi-Academy Trust to have signed up to the 360data Framework and are undertaking a comprehensive GDPR audit to ensure the data handling best practice is being followed by our staff.
We also have updated a number of key policies that cover in detail how we handle and manage data:
- Consent Forms
- Privacy notice for governors/trustees and other volunteers
- Privacy notice for job applicants
- Privacy notice for parents/carers
- Privacy notice for pupils
- Privacy notice for the school workforce
- Privacy notice for SCITT trainees
- Subject Access Requests
Thank you for trusting us and please be assured that we will always take the security and privacy of your data very seriously.
If you have questions regarding data protection and GDPR, please do not hesitate to contact me at email@example.com.
Chief Operating Officer