You may have heard about the GDPR (General Data Protection Regulation) which came into force across all sectors on 25th May 2018. If not, you can find out more at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified. So, as you know, we hold lots of data about staff, governors, children and families and this can include names, dates of birth, addresses, email addresses and more.
As such, as what’s defined as a ‘data controller’, we are required to be careful about the way we store, share and keep safe this personal data and you are entitled to give us consent to do so.