GDPR

Date Palm Primary School needs to keep certain information about its employees, students and other users to allow it to monitor performance, achievements, and health and safety. It is also necessary to process information so that staff can be recruited and paid, courses organised and legal obligations to funding bodies and government complied with. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully. To do this, Date Palm Primary School must comply with the Data Protection Principles which are set out in the Data Protection Act 1998 ( the 1998 Act), and changes to data protection legislation (GDPR May 2018) shall be monitored and implemented in order to remain compliant with all requirements.

 

In summary these state that personal data shall:

  • Be obtained and processed fairly and lawfully and shall not be processed unless certain conditions are met.
  • Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose.
  • Be adequate, relevant and not excessive for that purpose.
  • Be accurate and kept up to date.
  • Not be kept for longer than is necessary for that purpose.
  • Be processed in accordance with the data subject’s rights.
  • Be kept safe from unauthorised access, accidental loss or destruction.

 

Date Palm Primary School and all staff or others who process or use personal information must ensure that they follow these principles at all times. In order to ensure that this happens, the School has developed their GDPR Policy (see below).

Requesting access to your personal data

Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact the school’s Data Protection Officer – Kamrul Islam at dpo@datepalmprimary.com

You also have the right, subject to some limitations to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance.