On the 25th May 2018, the General Data Protection Regulations (GDPR) 2018 came into force in the UK. These new data protection regulations build upon the Data Protection Act of 1998.
The GDPR require public authorities and businesses to identify the lawful basis for storing personal data, audit information we already hold and take a ‘data protection by design and default’ approach to personal data.
We take data protection very seriously at Dundale Primary School & Nursery In line with GDPR requirements, we have appointed a Data Protection Officer, Mr Richard Maskrey, to oversee our approach to data management and protection.
In order to ensure that we comply with the new regulations, we are reviewing our current policies and practices. We have already updated our privacy notices in line with the new requirements. These can be found below.
To learn more about the General Data Protection Regulation, please visit the Information Commissioner’s Office website on http://ico.org.uk
Subject Access Requests (SAR)
The school office may be closed outside of term time. Any requests made during holidays may not be completed by our staff until the school reopens. This includes Subject Access Requests (SAR) under GDPR and Freedom of Information Requests. Due to the complexities of replying to such requests during the school holidays, we may need up to 2 months, although we will endeavour to complete it more quickly, and usually within the standard 30 days once we are satisfied with your identity and the school is open. If we need longer than this during term time, we will inform you. See https://ico.org.uk/media/for-organisations/documents/1165/time-for-compliance-foia-guidance.pdf for clarification of this information.