,
Message sent from:

SO… WHAT IS GDPR AND HOW DOES IT AFFECT YOU?

The EU General Data Protection Regulation (GDPR) is a new data protection law, which will replace the existing EU laws. It aims to strengthen the protection of “personal data” paying particular attention to the way that data is now used and shared through internet and cloud technologies.

The EU wants to give people more control over how their data is used, whilst making a simpler, clearer a legal framework for organisations who manage, control and process people’s data.

Corpus Christi And GDPR

Here at Corpus Christi, we have been working hard to ensure we are fully GDPR compliant in time for this landmark privacy law.

This includes our role as 'data controllers' for the information we hold on our pupils and staff as well as 'data processors' for the data any third party group we may use such as companies to help process our assessment data about your child.

gdpr
  • OUR COMMITMENT TO GDPR

    We have, like many organisations, been reviewing our current processes, contracts and policies.  We can confirm that we continue to ensure that we are compliant in all areas of data security.

    Corpus Christi has always been committed to meeting the highest standards of data protection for our pupils, their families and our staff.  Over many years, we have developed systems, infrastructure and practices to ensure the best possible security and resilience. This means that we continually assess those companies that we use to process any data. 

  • WHAT IS OUR POLICY ON DATA SHARING?

    In line with GDPR we have reviewed our current data sharing agreement to ensure our policies are compliant. You can review a full copy of this policy here.

  • HOW SECURE ARE OUR SOLUTIONS?

    We have internal controls to ensure access to data is strictly controlled to those who require it to fulfil their roles on behalf of the school and to deliver the contracted services to other companies. Access to our servers is restricted to a very small number of employees who require access for systems maintenance and monitoring purposes. This access is via restricted IPs and is strictly via password control and authentication. Our systems are monitored 24/7 and there are full audit trails.

  • MORE INFORMATION ON GDPR

    The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organisations across the region approach data privacy. The ICO website outlines the GDPR policy in full detail. 

X
Hit enter to search