ACE GDPR Policy and processes
ACE collects and uses personal information about staff, students, parents or carers and other individuals who come into contact with the school in order to enable us to provide education and other associated functions.
In addition, there may be a legal requirement to collect and use information to ensure that the school complies with its statutory obligations as reported to the Local / National Government.
Schools have a duty to be registered, as Data Controllers, with the Information Commissioner’s Office (ICO) detailing the information held and its use. These details are then available on the ICO’s website. Schools also have a duty to issue a Fair Processing Notice to all students/parents or carers, this summarises the information held on students, why it is held and the other parties to whom it may be passed on.
ACE seeks to collect only the data that we require in order to carry out our role of organising, providing, monitoring and reporting on educational provision. We seek to be clear about what information we collect, why and how it will be used and to ensure that all data is kept secure, kept updated and is securely deleted when no longer required.
ACE GDPR Data Protection Policy (full version)