Back to top

Croft School

GDPR

On the 25th May 2018, the General Data Protection Regulation (GDPR) came into force in the UK. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

The GDPR require public authorities and businesses to identify the lawful basis for storing personal data, audit information we already hold and take a ‘data protection by design and default’ approach to personal data.

The Croft Primary School takes data protection very seriously. The Croft Primary School collects and uses personal information about staff, pupils, parents and other individuals who come into contact with the school. This information is gathered in order to enable it to provide education and other associated functions.

In addition, there may be a legal requirement to collect and use information to ensure that the school complies with its statutory obligations. In line with GDPR requirements, we have appointed a Data Protection Officer through the GCC Information Management Service to oversee our approach to data management and protection.

Data Protection Policy

Privacy notice - parents and pupils

Freedom of Information Policy

Freedom of Information Publication Scheme