The European General Data Protection Regulation (GDPR) law came into effect on 25 May 2018. The objective of this law is to ensure all personal data relating to living EU citizens (including the UK citizens) is protected and that those who are entrusted with such data are held accountable for its protection.
Following the UK’s departure from the EU (January 2020) the GDPR has been retained in UK law as the UK GDPR and will apply alongside the Data Protection Act 2018.
The City Learning Trust (CLT) and its member academies are committed to data privacy and protection and we have robust systems in place to ensure GDPR compliance. The GDPR principles are embedded in our data processing so that parents/carers, pupils/students, staff, governors/trustees, volunteers and visitors are assured that we handle their personal data respectfully, and in-line with the law. Our practice to ensure compliance is detailed below.
The Trust’s Data Protection Policy is written in line with GDPR and it drives the highest standards of privacy and protection of personal data rights across the Trust. It includes our policy on data breaches and subject access requests. The policy is reviewed bi-annually.
We keep a record of our processing activities to ensure all data held and processed is complaint with current regulations. We record:
Privacy notices for staff, pupils/students, parents/carers, volunteers and governors/trustees align with GDPR guidelines, are made available and reviewed annually.
Data Protection Impact Assessments, Contracts and Employees of the Trust
We will implement, when necessary, Data Protection Impact Assessments for projects that may involve high risk processing as covered under GDPR.
We add addendums to contracts with contractors to ensure all parties take account of their respective obligations and responsibilities under GDPR.
All staff are well informed of the legislation. GDPR awareness training is included in the Trust’s annual training cycle.
We have a Data Protection Officer.
All procedures align with the individual’s rights as specified under GDPR.
Our Subject Access Request procedure, to manage requests for data, is in line with GDPR
Any data breaches are handled and reported in line with GDPR
Seeking, recording and managing consent is in line with GDPR.
Privacy Notices are in line with GDPR
GDPR Audit Cycle
We conduct a thorough audit of our GDPR processes and procedures annually to ensure compliance with current regulations
GDPR Roles and Responsibilities
Our Date Protection Officer and Executive Director – Estates and Risk have implemented, and maintain a system that ensures the Trust meets its obligations under the GDPR. They are responsible for promoting awareness of the GDPR across the Trust, assessing compliance, identifying gap areas, including employee awareness and training and the updating of policies, privacy notices and procedures, including GDPR audits.
If you have any queries please contact:
The Data Protection Officer:
Telephone: 01782 853535
Email:Â [email protected]
The European General Data Protection Regulation (GDPR) law came into effect on 25 May 2018. The objective of this law is to ensure all personal data relating to living EU citizens (including the UK citizens) is protected and that those who are entrusted with such data are held accountable for its protection.
Following the UK’s departure from the EU (January 2020) the GDPR has been retained in UK law as the UK GDPR and will apply alongside the Data Protection Act 2018.
The City Learning Trust (CLT) and its member academies are committed to data privacy and protection and we have robust systems in place to ensure GDPR compliance. The GDPR principles are embedded in our data processing so that parents/carers, pupils/students, staff, governors/trustees, volunteers and visitors are assured that we handle their personal data respectfully, and in-line with the law. Our practice to ensure compliance is detailed below.
The Trust’s Data Protection Policy is written in line with GDPR and it drives the highest standards of privacy and protection of personal data rights across the Trust. It includes our policy on data breaches and subject access requests. The policy is reviewed bi-annually.
We keep a record of our processing activities to ensure all data held and processed is complaint with current regulations. We record:
Privacy notices for staff, pupils/students, parents/carers, volunteers and governors/trustees align with GDPR guidelines, are made available and reviewed annually.
Data Protection Impact Assessments, Contracts and Employees of the Trust
We will implement, when necessary, Data Protection Impact Assessments for projects that may involve high risk processing as covered under GDPR.
We add addendums to contracts with contractors to ensure all parties take account of their respective obligations and responsibilities under GDPR.
All staff are well informed of the legislation. GDPR awareness training is included in the Trust’s annual training cycle.
We have a Data Protection Officer.
All procedures align with the individual’s rights as specified under GDPR.
Our Subject Access Request procedure, to manage requests for data, is in line with GDPR
Any data breaches are handled and reported in line with GDPR
Seeking, recording and managing consent is in line with GDPR.
Privacy Notices are in line with GDPR
GDPR Audit Cycle
We conduct a thorough audit of our GDPR processes and procedures annually to ensure compliance with current regulations
GDPR Roles and Responsibilities
Our Date Protection Officer and Executive Director – Estates and Risk have implemented, and maintain a system that ensures the Trust meets its obligations under the GDPR. They are responsible for promoting awareness of the GDPR across the Trust, assessing compliance, identifying gap areas, including employee awareness and training and the updating of policies, privacy notices and procedures, including GDPR audits.
If you have any queries please contact:
The Data Protection Officer:
Telephone: 01782 853535
Email:Â [email protected]
Mill Hill Primary Academy
Sunnyside Avenue
Tunstall
Stoke-on-Trent
Staffordshire
ST6 6ED
© 2023 Mill Hill Primary Academy
City Learning Trust is a Company limited by guarantee, registered in England and Wales, with Registered Company Number 07746561. Registered office: Haywood Academy, High Lane, Burslem, Stoke-on-Trent, ST6 7AB. VAT Registration Number: 141 4134 56. If you require this information in any other format please let us know.
Part of the City Learning Trust
Designed by Strategi Solutions Group Ltd