Data Protection Policy
All academies within the Ark Schools network collect and use certain types of personal information about staff, pupils, parents and other individuals who come into contact with the academy in order provide education and associated functions. Our academies may be required by law to collect and use certain types of information to comply with statutory obligations related to employment, education and safeguarding, and this policy is intended to ensure that personal information is dealt with properly and securely and in accordance with the General Data Protection Regulation (GDPR) and other legislation.
The GDPR applies to all computerised data and manual files if they come within the definition of a filing system. Broadly speaking, a filing system is one where the data is structured in some way that it is searchable on the basis of specific criteria (so you would be able to use something like the individual’s name to find their information), and if this is the case, it does not matter whether the information is located in a different physical location.
This policy will be updated as necessary to reflect best practice, or amendments made to data protection legislation, and shall be reviewed every 3 years.
The attached policy is intended to ensure that personal information is dealt with properly and securely and in accordance with the Data Protection Act 1998 (“the DPA”) and other related legislation. It will apply to information regardless of the way it is used, recorded and stored and whether it is held in paper files or electronically.