General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation which will determine how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data. ‘Personal data’ means information that can identify a living individual.
The regulation will apply to all schools from 25 May 2018, and will apply even after the UK leaves the EU.
The GDPR sets out the key principles that all personal data must be processed in line with.
There are also stronger rights for individuals regarding their own data.
The GDPR is similar to the Data Protection Act (DPA) 1998 (which schools already comply with), but strengthens many of the DPA’s principles. The main changes are:
If you have any questions regarding the above documents please contact Matthew Sorby on 01709 512088 who will be happy to help.