In May 2018, to better protect personal data and reduce the number of cyber-related crimes, the new General Data Protection Regulations (GDPR) are being brought into force by the European Commission.
We are proud and pleased to announce that we have been awarded the Cyber Essentials Accreditation, thereby demonstrating that we take security and the protection of data seriously and more importantly – we are good at it!
At Giffards we have always taken data security very seriously as we appreciate the consequences of data being shared inappropriately or incorrectly and the implications this can have on everybody involved. To date we can assure you that good practice is demonstrated in all of our processes and procedures around data protection; however the more stringent GDPR means that we have to put into place additional measures and carry out further checks to make sure your data is even more secure. All relevant staff have undergone training and we have contacted companies we supply data to for confirmation of how they use the data and to ensure they keep the data safe at all times. We are satisfied that this is the case and data is never shared by any of the companies we use. However in order for us to share any of your and your child’s data/details that is not a statutory requirement, under the new GDPR we have to gain your permission. This has to be repeated at least every year.
As further explanation for you we thought we would give you some examples of how we share data. If you require any further information around GDPR or how we use/share data please contact the Data Protection Controller by emailing firstname.lastname@example.org or via the school office.
At Giffards in order to support learning and ensure every child has access to a broad, rich curriculum we subscribe to many different types of educational software. To enable each child’s progress and attainment to be monitored closely we often need to supply the software companies with details about your child; these are generally basic details such as name and date of birth:
- In Foundation Stage the teachers use software called 2Build a Profile – for this we have to share your child’s name and date of birth and will often include a photograph showing your child undertaking a certain activity; this is to enable the teachers to share your child’s achievements with you.
- We have to statutorily track every child’s progress in English, Maths and Science to allow us to report to the Department of Education. We monitor this by not only marking their books but assessing their work too. These assessments are recorded and continually updated on an assessment system called Target Tracker.
- With increased use of social media in all areas we now not only use our website as an information tool; Giffards would like to advise, update and/or send reminders to parents/carers of events, trips etc. using different forms of social media, i.e. messaging service, Facebook. When using our messaging service, we have to share your contact details with the company who sends the messages, at present this is Groupcall. No other details other than your name and mobile number/email address are shared with the company and Groupcall have confirmed that they do not keep any of your data once you are no longer a parent/carer of the school and never share this data with any other companies.
- Very important to us is the celebration of our pupil’s achievements and so we also like to publish photos of the children; for example at a sporting event or on our school newsletter and website.
As always, to ensure the privacy and safety of pupils, we operate the following policy regarding publishing photographs of the children or their work at all times:
- Where pupils are named, only their first name is given and no photo of that pupil would be published.
- Where a photograph is used no names would be displayed
If you wish to find out any further information around GDPR, including what data we hold on your child or yourself, please do contact the school office.