GDPR

At Brompton Community Primary School we take the privacy of our staff, governors, parents/guardians and pupils very seriously and work to the highest standard to keep your data safe.  You may have already heard about the changes to data protection regulations, and the introduction of the General Data Protection Regulation (GDPR), which came into force on the 25th May 2018.

​We are committed to compliance with all relevant EU and Member State laws in respect of personal data, and the protection of the rights and freedoms of individuals whose information we collect and process in accordance with the General Data Protection Regulation (GDPR).

Who is responsible for Personal Data?

​As a school, we are a Data Controller under the new regulations and as such define how and why personal data is collected, stored, and used. We also utilise Data Processors – third parties that process the data we control on our behalf. As a Data Controller, we must comply with the new regulation as well as ensuring that all of our Data Processors are compliant.

We will achieve compliance by ensuring personal data is processed lawfully, transparently, and for a specific purpose. Once the purpose is fulfilled and the data is no longer required, it will be deleted, as stipulated within our Data Retention Policy.