General Data Protection Regulations
(GDPR)
The General Data Protection Regulation (GDPR) will be implemented in the UK from the 25th May 2018. This will replace much of the existing provisions of the Data Protection Act 1998. We are all responsible for Data Protection in all walks of life in order to protect others and ourselves and this is of course no different in the school environment. The primary principles of the GDPR are:
- To ensure that personal data is processed lawfully, fairly and in a transparent manner in relation to individuals.
- To be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- To be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data must be accurate and kept up to date.
- Data must be kept in a form which permits identification of data subjects for no longer than is necessary.
- Consent conditions are considerably strengthened – consent must be ‘freely’ given and must be specific. Please refer to the list of situations below where consent may be sought for photography/Videos etc.
Below are the possible reasons for photographs/filming/audio recording:
Advertising on public screens and public transport
Communication within school
Displays within school to support pupil learning, to enthuse and to engage
Internal information sharing on screens within school
Momentoes such as the yearbook
Newsletters - news stories
Promotional banners and posters
Prospectus
Publication on the school website
Sharing events and celebration of success stories with the local and wider community via newspaper articles/ radio stories/twitter feeds
