Privacy Notice - GDPR
The General Data Protection Regulation (GDPR) is a piece of legislation that determines how people's personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.
For the purposes of GDPR The Elliot Foundation Multi Academies Trust is the 'data controller'. The Data Protection Officer for the trust is Jem Shuttleworth who can be contacted on email@example.com.
Hillingdon Primary School is a 'data processor:' our Local Compliance Officer is the School Business Leader. The School Business Leader can be contacted via the school office on firstname.lastname@example.org.
Across the trust we work to identify and monitor the use of personal data, to undertake the necessary processes for auditing and assessing risk and to ensure that policies are in place to support our schools to sustain compliance. Please see TEFAT's GDPR page on their website for further information.
As per the the requirements of the General Data Protection Regulation we are required to publish a Privacy Notice for Pupils: a copy of this can be found below. The Privacy Notice explains how we collect, store and use personal data about pupils, including the monitoring of pupils' use of their school provided email address and resulting online activity. It also provides guidance on making a subject access request (SAR) should parents wish to access the personal information that the school holds about their child.