Data Protection Policy
DATA PROTECTION POLICY
This policy should be taken as part of the overall strategy of the school and operated within the context of our vision, aims and values as a Church of England School.
1. Introduction
The Data Protection Act 1998 came into force on 1st March 2000. It sets out what can and what cannot be done with personal data; that is information about living individuals. Greenfylde School is placed under a legal obligation to comply with the provisions of this Act.
2. Commitment to the Protection of Personal Information
Greenfylde School needs to collect and use certain types of information about people with whom it deals in order to operate effectively. These include pupils, parents, guardians, staff, governors, suppliers and others with whom it communicates. In addition, it is required by law to collect and use certain types of information to comply with the requirements of government departments.
This personal information must be dealt with properly and securely regardless of what method is used for its collection, recording or use - whether this is paper, a computer system or any other material. There are safeguards to ensure that the processing of such information is carried out in a proper fashion and these are contained in the Act.
This policy does not seek to convey the whole legislation to its readers, rather to acquaint them with the main provisions and to demonstrate that Greenfylde School has a commitment to those provisions. Further detailed information relating to data protection legislation can be obtained from Somerset County Council's Data Protection Officer.
Greenfylde School regards the lawful and correct treatment of personal information as very important to the successful and efficient performance of its functions and to maintaining confidence between those with whom we deal and ourselves. We ensure that our school treats personal information lawfully and fairly.
3. Our Data Protection Standards
Greenfylde School will, through appropriate management and adherence to agreed procedures:
· Observe fully the conditions relating to the fair collection and use of personal information
· Meet its legal obligations to specify the purposes for which the information is used
· Collect and process appropriate information but only that which is necessary to its operational needs or meet its legal requirements
· Ensure the quality of information used
· Apply strict checks to determine the length of time information is held and to ensure that it will be disposed of when no longer required with due regard for its sensitivity.
· Ensure that the rights of people about whom information is held can be exercised. These include the right to be informed that processing is being undertaken, the right to access one's personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase information which is regarded as wrong.
· Take appropriate technical and organisational measures to safeguard personal information.
· Ensure that personal information is not transferred abroad without suitable safeguards.
Management Arrangements
Greenfylde School will ensure that:
· Someone is nominated to hold specific responsibility for data protection within the school.
· Everyone managing and handling personal information understands that they are responsible for following good data protection practice
· Everyone managing and handling personal information is appropriately trained to do so
· Everyone managing and handling personal information is appropriately supervised
· Anyone wanting to make enquiries about handling personal information knows what to do
· Queries about handling personal information are promptly and courteously dealt with
· Methods of handling personal information are regularly assessed and evaluated
This policy should be taken as part of the overall strategy of the school and operated within the context of our vision, aims and values as a Church of England School.
1. Introduction
The Data Protection Act 1998 came into force on 1st March 2000. It sets out what can and what cannot be done with personal data; that is information about living individuals. Greenfylde School is placed under a legal obligation to comply with the provisions of this Act.
2. Commitment to the Protection of Personal Information
Greenfylde School needs to collect and use certain types of information about people with whom it deals in order to operate effectively. These include pupils, parents, guardians, staff, governors, suppliers and others with whom it communicates. In addition, it is required by law to collect and use certain types of information to comply with the requirements of government departments.
This personal information must be dealt with properly and securely regardless of what method is used for its collection, recording or use - whether this is paper, a computer system or any other material. There are safeguards to ensure that the processing of such information is carried out in a proper fashion and these are contained in the Act.
This policy does not seek to convey the whole legislation to its readers, rather to acquaint them with the main provisions and to demonstrate that Greenfylde School has a commitment to those provisions. Further detailed information relating to data protection legislation can be obtained from Somerset County Council's Data Protection Officer.
Greenfylde School regards the lawful and correct treatment of personal information as very important to the successful and efficient performance of its functions and to maintaining confidence between those with whom we deal and ourselves. We ensure that our school treats personal information lawfully and fairly.
3. Our Data Protection Standards
Greenfylde School will, through appropriate management and adherence to agreed procedures:
· Observe fully the conditions relating to the fair collection and use of personal information
· Meet its legal obligations to specify the purposes for which the information is used
· Collect and process appropriate information but only that which is necessary to its operational needs or meet its legal requirements
· Ensure the quality of information used
· Apply strict checks to determine the length of time information is held and to ensure that it will be disposed of when no longer required with due regard for its sensitivity.
· Ensure that the rights of people about whom information is held can be exercised. These include the right to be informed that processing is being undertaken, the right to access one's personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase information which is regarded as wrong.
· Take appropriate technical and organisational measures to safeguard personal information.
· Ensure that personal information is not transferred abroad without suitable safeguards.
Management Arrangements
Greenfylde School will ensure that:
· Someone is nominated to hold specific responsibility for data protection within the school.
· Everyone managing and handling personal information understands that they are responsible for following good data protection practice
· Everyone managing and handling personal information is appropriately trained to do so
· Everyone managing and handling personal information is appropriately supervised
· Anyone wanting to make enquiries about handling personal information knows what to do
· Queries about handling personal information are promptly and courteously dealt with
· Methods of handling personal information are regularly assessed and evaluated