The General Data Protection Regulation (GDPR) is Europe’s new framework for data protection – it came into force on 25th May 2018 at the same time as the UK’s Data Protection Act 2018 (DPA 2018). Since the UK left the EU (in 2020) the GDPR has become the UK GDPR and sits alongside the DPA 2018 and this will continue to be the case for the foreseeable future.
These new regulations work together to control the way information is collected, stored and processed. Many organisations including schools, academies and other educational establishments now operate within this new legal framework.
Wade Deacon Trust (and academies within the Trust) are working with NexusProtect in order to become compliant with these new rules and regulations and we have altered many of our policies and procedures in order to better protect the data we hold about our pupils, parents and staff.
Requests for information
The Trust (and academies within the Trust) will follow current data protection and other legislative guidance when dealing with Data Subject Access Requests – click here for current ICO Pupils Guidance. As Wade Deacon Trust Trust schools are academies, a student or parent/carer (person with parental responsibility/legal guardian) does not have a legal right to access a child’s educational record. It will be up to the school to decide whether to grant such access.
If you wish to request information we hold about you, please complete the Data Subject Access Form below and send it to the relevant academy or the Wade Deacon Trust Office. Any request in writing from the individual (Data Subject) will be considered as a valid request, whatever the format, as long as it contains the relevant information to enable us to deal with your request.
How do you request information on behalf of someone else?
If you are requesting information on behalf of someone else, you must complete the Data Subject Access Request Form and provide written evidence that you have the Data Subject’s authority to ask for the information on their behalf e.g. signature on the Data Subject Access Form, a letter written by them or evidence of Power of Attorney etc.
Please complete the appropriate request form and send it to the relevant academy.
If your Data Subject Access Request is approved, you will be provided with either a printout or a photocopy of paper records. Where information is requested to be provided by email, we will only agree to this if it can be sent via an approved secure method.
We will contact you to advise if we are unable to approve your request for information.
How do you provide your identity?
If you are not known to the academy or Trust Office, we may ask to see proof of your identity. The following forms of identity will be accepted as proof of identity:
A copy of your passport
A copy of your driving licence
A copy of your bank, building society or credit card statement in the Data Subject's name for the last quarter
A copy of your Council Tax bill
Will you be charged for information provided?
Wade Deacon Trust (and academies within the Trust) will follow guidance within current Data Protection legislation in relation to charges for information. See http://www.ico.org.uk for further information.
What do you do if the data is incorrect?
Please contact the relevant academy / Trust Office to tell them what is incorrect and ask for it to be corrected. You can also appeal to the Information Commissioner if the academy does not correct the information.
Making a complaint
If you are unhappy with the way your request for information has been dealt with, or you think your data has been misused or not held securely, please contact the Trust Data Protection Officer in the first instance.