In May 2018, to better protect personal data and reduce the number of cyber-related crimes, the new General Data Protection Regulations (GDPR) were brought into force by the European Commission.
We are proud and pleased to announce that we have been awarded the Cyber Essentials Accreditation, thereby demonstrating that we take security and the protection of data seriously and, more importantly, we are good at it!
Cyber Essentials Certification
At Giffards we have always taken data security very seriously as we appreciate the consequences of data being shared inappropriately or incorrectly and the implications this can have on everybody involved. To date we can assure you that good practice is demonstrated in all of our processes and procedures around data protection; however the more stringent GDPR means that we have to put into place additional measures and carry out further checks to make sure your data is even more secure. All relevant staff have undergone training and we have contacted companies we supply data to for confirmation of how they use the data and to ensure they keep the data safe at all times. We are satisfied that this is the case and data is never shared by any of the companies we use. However in order for us to share any of your and your child’s data/details that is not a statutory requirement, under the new GDPR we have to gain your permission. This has to be repeated at least every year.
As further explanation for you we thought we would give you some examples of how we share data. If you require any further information around GDPR or how we use/share data please contact the Data Protection Controller via the school office. Our Data Protection Officer is Mr Richard Betts, please do not hesitate to contact him if you have any queries that you do not believe have been addressed properly by the school or any concerns around data protection in the school – his email address is firstname.lastname@example.org
At Giffards in order to support learning and ensure every child has access to a broad, rich curriculum we subscribe to many different types of educational software. To enable each child’s progress and attainment to be monitored closely we often need to supply the software companies with details about your child; these are generally basic details such as name and date of birth:
- In Foundation Stage the teachers use software called 2Build a Profile – for this we have to share your child’s name and date of birth and will often include a photograph showing your child undertaking a certain activity; this is to enable the teachers to share your child’s achievements with you.
- We have to statutorily track every child’s progress in English, Maths and Science to allow us to report to the Department of Education. We monitor this by not only marking their books but assessing their work too. These assessments are recorded and continually updated on an assessment system called Target Tracker.
- Due to the increased need for work to be accessed remotely we have purchased a lot of ICT programs to ensure the children can continue with their education even in the need for self-isolation. These packages include a variety of english, spelling and maths programs.
- With increased use of social media in all areas we now not only use our website as an information tool, we also use social media in order to reach as many parents/carers/stakeholders as possible; we advise, update and/or send reminders to parents/carers of events, trips etc. using different forms of social media, i.e. messaging service, Twitter. When using our messaging service, we have to share your contact details with the company who sends the messages, at present this is Groupcall. No other details other than your name and mobile number/email address are shared with the company and Groupcall have confirmed that they do not keep any of your data once you are no longer a parent/carer of the school and never share this data with any other companies.
- Very important to us is the celebration of our pupil’s achievements and so we also like to publish photos of the children; for example at a sporting event or on our school newsletter and website/social media.
As always, to ensure the privacy and safety of pupils, we operate the following policy regarding publishing photographs of the children or their work at all times:
- Where pupils are named, only their first name is given and no photo of that pupil would be published.
- Where a photograph is used no names would be displayed
If you wish to find out any further information around GDPR, including what data we hold on your child or yourself, please do contact the school office.
You may find the attached information useful too.
Parent Carer Privacy Notice May 2021
Governor Privacy Notice May 2021