You may have heard a lot about ‘GDPR’ in the news, which stands for ‘The General Data Protection Regulation’. This is a piece of EU-wide legislation which will determine how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.

‘Personal data’ means information that can identify a living individual.

The regulation will apply to all schools from 25 May 2018, and will apply even after the UK leaves the EU.

The GDPR is similar to the Data Protection Act (DPA) 1998 (which schools already comply with), but strengthens many of the DPA’s principles including informing Parents and children about the school’s legal basis for processing personal information, how we store that personal information and how we keep it safe.