New legislation came into place on 25th May 2018, tightening the law around how we process personal data about our pupils, staff, parents, contractors, governors and other individuals we come into contact with.

The key principles underpinning the new Data Protection Act are that personal data must be:

• Processed lawfully, fairly and in a transparent manner
• Collected for specified, explicit and legitimate purposes
• Adequate, relevant and limited to what is necessary in relation to the purposes for which the data is processed
• Accurate and kept up to date
• Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed 
• Processed in a way that ensures appropriate security of personal data We need to meet these new rules and demonstrate our compliance with them.

If you feel that we have breached the principles of the Data Protection Act 2018, please contact our Data Protection Officer is REAch2, and can be contacted by email at:  dataprotectionofficer@reach2.org