GDPR (Data Protection)
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation which will determine how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.
It will apply from 25 May 2018 to organisations that process or handle personal data, including schools.
It's similar to the Data Protection Act (DPA) 1998 in many ways. Most of the differences involve the GDPR building on or strengthening the principles of the DPA.
- Policy and Procedures
- Privacy Notices – letters explaining how we comply
- Recording what data is shared with what organisations and how we made the decision to do so
- Data Protection Impact Assessments