On 25th May 2018 GDPR the General Data Protection Regulation (GDPR) will be applicable and the current Data Protection Act (DPA) will be updated by a new Act giving effect to its provisions.
Compton and Up Marden CE School is proactively engaged with the new compliance requirements of the Data Protection Legislation (GDPR) and is registered as a "Data Controller" with the Information Commissioners Office (Reg No. Z6239400).
The Data Protection Officer (DPO) for Compton and Up Marden CESchool is Mrs Helen Martin and she can be contacted via e-mail: firstname.lastname@example.org.
We will continue to ensure that your personal data is processed fairly and lawfully, is accurate, is kept secure and is retained for no longer than is necessary.
Our pupils and parents
At Compton and Up Marden CESchool School we have taken steps to ensure all data kept at school and with our third party suppliers are protected and secure. We have and will continue to keep parents informed on the data we are required to keep either on paper in a locked file or on our secure server.
West Sussex schools have identified secure ways in which to share files within the county either when a pupil leaves or is new to the school.
Why do we hold personal data?
The main reason that our school processes personal data is because it is necessay in order to comply with the school's legal obligations and to enable us to perform tasks carried out in the public interest.
How are we ensuring compliance with the GDPR?
At Compton and Up Marden CESchool, our staff and governors have a clear understanding of data handling in order to minimise the risk of personal data breaches.
We are introducing encrypted and password protected USB memory sticks to all teaching staff, to ensure the security of any personal data, such as assessment information.
All staff must take photos of staff/pupils on a school device and not personal devices.
We are undertaking an extensive data mapping excercise of all our personal data processing activities to ensure that the processing is compliant with data protection legislations. This is led by our DPO and we will continue to update and improve on this excercise. All our contracts with third party suppliers are being reviewed to ensure they are compliant with the requirements of the new data protection legislation.