GENERAL DATA PROTECTION REGULATION (GDPR) POLICY

Transcription

1 GENERAL DATA PROTECTION REGULATION (GDPR) POLICY Apprved: Review Date: February 2019

2 1. Legal framewrk 1.1 This plicy has due regard t legislatin, including, but nt limited t the fllwing: The General Data Prtectin Regulatin (GDPR) The Freedm f Infrmatin Act 2000 The Educatin (Pupil Infrmatin) (England) Regulatins 2005 (as amended in 2016) The Freedm f Infrmatin and Data Prtectin (Apprpriate Limit and Fees) Regulatins 2004 The Trust Standards and Framewrk Act 1998 The Data Prtectin Bill 2018 in its current frm. 1.2 This plicy will als have regard t the fllwing guidance: Infrmatin Cmmissiner s Office (2017) Overview f the General Data Prtectin Regulatin (GDPR). Infrmatin Cmmissiner s Office (2017) Preparing fr the General Data Prtectin Regulatin (GDPR) 12 steps t take nw 2. Applicable data 3. Principles 2.1 Fr the purpse f this plicy, persnal data refers t any infrmatin that relates t an identifiable, living individual, including infrmatin such as an nline identifier, e.g. an IP address. The GDPR applies t bth autmated persnal data and t manual filing systems, where persnal data is accessible accrding t specific criteria, as well as t chrnlgically rdered data and pseudnymised data, e.g. key-cded. 2.2 Sensitive persnal data is referred t in the GDPR as special categries f persnal data, which are bradly the same as thse in the Data Prtectin Act (DPA) These specifically include the prcessing f persnal data revealing sexual rientatin r activities, racial r ethnic rigin, plitical pinins, religius r philsphical beliefs r trade unin membership and the prcessing f genetic data, bimetric data and data cncerning health matters. 3.1 In accrdance with the requirements utlined in the GDPR, persnal data must be: Prcessed lawfully, fairly and in a transparent manner in relatin t individuals. Cllected fr specified, explicit and legitimate purpses and nt further prcessed in a manner that is incmpatible with thse purpses; further prcessing fr archiving purpses in the public interest, scientific r histrical research purpses r statistical purpses shall nt be cnsidered t be incmpatible with the initial purpses. Adequate, relevant and limited t what is necessary in relatin t the purpses fr which they are prcessed. Accurate and, where necessary, kept up-t-date; every reasnable step must be taken t ensure that persnal data that are inaccurate, having regard t the purpses fr which they are prcessed, are erased r rectified withut delay. Kept in a frm which permits identificatin f data subjects fr n lnger than is necessary fr the purpses fr which the persnal data are prcessed; persnal data may be stred fr lnger perids, insfar as the persnal data will be prcessed slely fr archiving purpses in the public interest, scientific r histrical research purpses r statistical purpses, subject t implementatin f the apprpriate technical and rganisatinal measures required by the GDPR in rder t safeguard the rights and freedms f individuals. Prcessed in a manner that ensures apprpriate security f the persnal data, including prtectin against unauthrised r unlawful prcessing and against accidental lss, destructin r damage, using apprpriate technical r rganisatinal measures. 3.2 The GDPR als requires that the cntrller shall be respnsible fr, and able t demnstrate, cmpliance with the principles.

3 4. Accuntability 4.1 The Trust will implement apprpriate technical and rganisatinal measures t demnstrate that data is prcessed in line with the principles set ut in the GDPR. 4.2 The Trust will prvide cmprehensive, clear and transparent privacy plicies. 4.3 Additinal internal recrds f the Trust s prcessing activities will be maintained and kept up-t-date in the Trusts Infrmatin Asset Register. 4.4 Internal recrds f prcessing activities will include the fllwing: Purpse(s) f the prcessing Descriptin f the categries f individuals and persnal data Retentin schedules Categries f recipients f persnal data Descriptin f technical and rganisatinal security measures Details f transfers t third cuntries, including dcumentatin f the transfer mechanism safeguards in place Legal basis fr the prcessing 4.5 The Trust will implement measures that meet the principles f data prtectin by design and data prtectin by default, such as: Data minimisatin. Pseudnymisatin. Transparency. Allwing individuals t mnitr prcessing. Cntinuusly creating and imprving security features. 4.6 Data prtectin impact assessments will be used, where apprpriate. 5. Data prtectin fficer (DPO) 5.1 A DPO will be appinted in rder t: Infrm and advise the Trust and its emplyees abut their bligatins t cmply with the GDPR and ther data prtectin laws. Mnitr the Trust s cmpliance with the GDPR and ther laws, including managing internal data prtectin activities, advising n data prtectin impact assessments, cnducting internal audits, and prviding the required training t staff members. 5.2 An existing emplyee may be appinted t the rle f DPO prvided that their duties are cmpatible with the duties f the DPO and d nt lead t a cnflict f interests. 5.3 The individual appinted as DPO will have prfessinal experience and knwledge f data prtectin law, particularly that in relatin t schls. 5.4 The DPO will reprt t the highest level f management at the Trust, which is the Chief Executive Officer. 5.5 The DPO will perate independently and will nt be dismissed r penalised fr perfrming their task. 5.6 Sufficient resurces will be prvided t the DPO t enable them t meet their GDPR bligatins. 6. Lawful prcessing 6.1 The legal basis fr prcessing data must be identified and dcumented in the Trust s Infrmatin Asset Register prir t data being prcessed. 6.2 Under the GDPR, data can nly be lawfully prcessed under the fllwing cnditins: The cnsent f the data subject has been btained. Prcessing is necessary fr: Cmpliance with a legal bligatin. The perfrmance f a task carried ut in the public interest r in the exercise f fficial authrity vested in the cntrller.

4 7. Cnsent Fr the perfrmance f a cntract with the data subject r t take steps t enter int a cntract. Prtecting the vital interests f a data subject r anther persn. Fr the purpses f legitimate interests pursued by the cntrller r a third party, except where such interests are verridden by the interests, rights r freedms f the data subject. (This cnditin is nt available t prcessing undertaken by the Trust in the perfrmance f its tasks.) 6.3 Sensitive data will nly be prcessed under the fllwing cnditins: Explicit cnsent f the data subject, unless reliance n cnsent is prhibited by EU r Member State law. Prcessing carried ut by a nt-fr-prfit bdy with a plitical, philsphical, religius r trade unin aim prvided the prcessing relates nly t members r frmer members (r thse wh have regular cntact with it in cnnectin with thse purpses) and prvided there is n disclsure t a third party withut cnsent. Prcessing relates t persnal data manifestly made public by the data subject. Prcessing is necessary fr: Carrying ut bligatins under emplyment, scial security r scial prtectin law, r a cllective agreement. Prtecting the vital interests f a data subject r anther individual where the data subject is physically r legally incapable f giving cnsent. The establishment, exercise r defence f legal claims r where curts are acting in their judicial capacity. Reasns f substantial public interest n the basis f Unin r Member State law which is prprtinate t the aim pursued and which cntains apprpriate safeguards. The purpses f preventative r ccupatinal medicine, fr assessing the wrking capacity f the emplyee, medical diagnsis, the prvisin f health r scial care r treatment r management f health r scial care systems and services n the basis f Unin r Member State law r a cntract with a health prfessinal. Reasns f public interest in the area f public health, such as prtecting against serius crss-brder threats t health r ensuring high standards f healthcare and f medicinal prducts r medical devices. Archiving purpses in the public interest, r scientific and histrical research purpses r statistical purpses in accrdance with Article 89(1). 7.1 Cnsent must be a psitive indicatin. It cannt be inferred frm silence, inactivity r preticked bxes. 7.2 Cnsent will nly be accepted where it is freely given, specific, infrmed and an unambiguus indicatin f the individual s wishes. 7.3 Where cnsent is given, a recrd will be kept dcumenting hw and when cnsent was given. 7.4 The Trust ensures that cnsent mechanisms meet the standards f the GDPR. Where the standard f cnsent cannt be met, an alternative legal basis fr prcessing the data must be fund, r the prcessing must cease. 7.5 Cnsent accepted under the DPA will be reviewed t ensure it meets the standards f the GDPR; hwever, acceptable cnsent btained under the DPA will nt be rebtained. 7.6 Cnsent can be withdrawn by the individual at any time. 7.7 Where a child is under the age f 13, the cnsent f parents will be sught prir t the prcessing f their data, except where the prcessing is related t preventative r cunselling services ffered directly t a child.

5 8. The right t be infrmed 8.1 Privacy ntices will be supplied t Staff and Students (and their Parents/Guardians) at the time they jin the Trust, and be available nline at the Trust s website. 8.2 The privacy ntice supplied t individuals in regards t the prcessing f their persnal data will be written in clear, plain language which is cncise, transparent, easily accessible and free f charge. 8.3 If services are ffered directly t a child, the Trust will ensure that the privacy ntice is written in a clear, plain manner that the child will understand. 8.4 In relatin t data btained bth directly frm the data subject and nt btained directly frm the data subject, the fllwing infrmatin will be supplied within the privacy ntice: The identity and cntact details f the cntrller (and where applicable, the cntrller s representative) and the DPO. The purpse f, and the legal basis fr, prcessing the data. The legitimate interests f the cntrller r third party. Any recipient r categries f recipients f the persnal data. Details f transfers t third cuntries and the safeguards in place. The retentin perid f criteria used t determine the retentin perid. The existence f the data subject s rights, including the right t: Withdraw cnsent at any time. Ldge a cmplaint with a supervisry authrity. The existence f autmated decisin making, including prfiling, hw decisins are made, the significance f the prcess and the cnsequences. 8.5 Where data is btained directly frm the data subject, infrmatin regarding whether the prvisin f persnal data is part f a statutry r cntractual requirement, as well as any pssible cnsequences f failing t prvide the persnal data, will be prvided. 8.6 Where data is nt btained directly frm the data subject, infrmatin regarding the categries f persnal data that the Trust hlds, the surce that the persnal data riginates frm and whether it came frm publicly accessible surces, will be prvided. 8.7 Fr data btained directly frm the data subject, this infrmatin will be supplied at the time the data is btained. 8.8 In relatin t data that is nt btained directly frm the data subject, this infrmatin will be supplied: Within ne mnth f having btained the data. If disclsure t anther recipient is envisaged, at the latest, befre the data are disclsed. If the data are used t cmmunicate with the individual, at the latest, when the first cmmunicatin takes place. 9. The right f access 9.1 Individuals have the right t btain cnfirmatin that their data is being prcessed. 9.2 Individuals have the right t submit a subject access request (SAR) t gain access t their Persnal data in rder t verify the lawfulness f the prcessing. 9.3 The Trust will verify the identity f the persn making the request befre any infrmatin is supplied. 9.4 A cpy f the infrmatin will be supplied t the individual free f charge; hwever, the Trust may impse a reasnable fee t cmply with requests fr further cpies f the same infrmatin. 9.5 Where a SAR has been made electrnically, the infrmatin will be prvided in a c cmmnly used electrnic frmat. 9.6 Where a request is manifestly unfunded, excessive r repetitive, a reasnable fee will be c harged. 9.7 All fees will be based n the administrative cst f prviding the infrmatin.

6 9.8 All requests will be respnded t withut delay and at the latest, within ne mnth f receipt. 9.9 In the event f numerus r cmplex requests, the perid f cmpliance will be extended by a further tw mnths. The individual will be infrmed f this extensin, and will receive an explanatin f why the extensin is necessary, within ne mnth f the receipt f the request Where a request is manifestly unfunded r excessive, the Trust hlds the right t refuse t respnd t the request. The individual will be infrmed f this decisin and the reasning behind it, as well as their right t cmplain t the supervisry authrity and t a judicial remedy, within One mnth f the refusal In the event that a large quantity f infrmatin is being prcessed abut an individual, the Trust will ask the individual t specify the infrmatin the request is in relatin t. 10 The right t rectificatin 10.1 Individuals are entitled t have any inaccurate r incmplete persnal data rectified Where the persnal data in questin has been disclsed t third parties, the Trust will infrm them f the rectificatin where pssible Where apprpriate, the Trust will infrm the individual abut the third parties that the data has been disclsed t Requests fr rectificatin will be respnded t within ne mnth; this will be extended by tw mnths where the request fr rectificatin is cmplex Where n actin is being taken in respnse t a request fr rectificatin, the Trust will explain the reasn fr this t the individual, and will infrm them f their right t cmplain t the supervisry authrity and t a judicial remedy. 11 The right t erasure 11.1 Individuals hld the right t request the deletin r remval f persnal data where there is n cmpelling reasn fr its cntinued prcessing Individuals have the right t erasure in the fllwing circumstances: Where the persnal data is n lnger necessary in relatin t the purpse fr which it was riginally cllected/prcessed When the individual withdraws their cnsent, and that cnsent was the nly legal basic fr the cntinued prcessing f that data. When the individual bjects t the prcessing and there is n verriding legitimate interest fr cntinuing the prcessing The persnal data was unlawfully prcessed The persnal data is required t be erased in rder t cmply with a legal bligatin The persnal data is prcessed in relatin t the ffer f infrmatin sciety services t a child 11.3 The Trust has the right t refuse a request fr erasure where the persnal data is being prcessed fr the fllwing reasns: T exercise the right f freedm f expressin and infrmatin T cmply with a legal bligatin fr the perfrmance f a public interest task r exercise f fficial authrity Fr public health purpses in the public interest Fr archiving purpses in the public interest, scientific research, histrical research r statistical purpses The exercise r defence f legal claims

7 11.4 As a child may nt fully understand the risks invlved in the prcessing f data when cnsent is btained, special attentin will be given t existing situatins where a child has given cnsent t prcessing and they later request erasure f the data, regardless f age at the time f the request Where persnal data has been disclsed t third parties, they will be infrmed abut the erasure f the persnal data, unless it is impssible r invlves disprprtinate effrt t d s Where persnal data has been made public within an nline envirnment, the Trust will infrm ther rganisatins wh prcess the persnal data t erase links t and cpies f the persnal data in questin. 12 The right t restrict prcessing 12.1 Individuals have the right t blck r suppress the Trust s prcessing f persnal data In the event that prcessing is restricted, the Trust will stre the persnal data, but nt further prcess it, guaranteeing that just enugh infrmatin abut the individual has been retained t ensure that the restrictin is respected in future The Trust will restrict the prcessing f persnal data in the fllwing circumstances: Where an individual cntests the accuracy f the persnal data, prcessing will be restricted until the Trust has verified the accuracy f the data Where an individual has bjected t the prcessing and the Trust is cnsidering whether their legitimate grunds verride thse f the individual Where prcessing is unlawful and the individual ppses erasure and requests restrictin instead Where the Trust n lnger needs the persnal data but the individual requires the data t establish, exercise r defend a legal claim 12.4 If the persnal data in questin has been disclsed t third parties, the Trust will infrm them abut the restrictin n the prcessing f the persnal data, unless it is impssible r invlves disprprtinate effrt t d s The Trust will infrm individuals when a restrictin n prcessing has been lifted. 13 The right t data prtability Individuals have the right t btain and reuse their persnal data fr their wn purpses acrss different services Persnal data can be easily mved, cpied r transferred frm ne IT envirnment t anther in a safe and secure manner, withut hindrance t usability The right t data prtability nly applies in the fllwing cases: T persnal data that an individual has prvided t a cntrller Where the prcessing is based n the individual s cnsent r fr the perfrmance f a cntract When prcessing is carried ut by autmated means 13.4 Persnal data will be prvided in a structured, cmmnly used and machine-readable frm Persnal data will nly be prvided after apprpriate verificatin f the identity f the requester has been carried ut The Trust will prvide the infrmatin free f charge Where feasible, data will be transmitted directly t anther rganisatin at the request f the individual The Trust is nt required t adpt r maintain prcessing systems which are technically cmpatible with ther rganisatins In the event that the persnal data cncerns mre than ne individual, the Trust will cnsider whether prviding the infrmatin wuld prejudice the rights f any ther individual The Trust will respnd t any requests fr prtability within ne mnth.

8 13.11 Where the request is cmplex, r a number f requests have been received, the timeframe can be extended by tw mnths, ensuring that the individual is infrmed f the extensin and the reasning behind it within ne mnth f the receipt f the request Where n actin is being taken in respnse t a request, the Trust will, withut delay and at the latest within ne mnth, explain t the individual the reasn fr this and will infrm them f their right t cmplain t the supervisry authrity and t a judicial remedy. 14 The right t bject 14.1 The Trust will infrm individuals f their right t bject at the first pint f cmmunicatin, and this infrmatin will be utlined in the privacy ntice and explicitly brught t the attentin f the data subject, ensuring that it is presented clearly and separately frm any ther infrmatin Individuals have the right t bject t the fllwing: Prcessing based n legitimate interests r the perfrmance f a task in the public interest Direct marketing Prcessing fr purpses f scientific r histrical research and statistics Where persnal data is prcessed fr the perfrmance f a legal task r legitimate interests: An individual s grunds fr bjecting must relate t his r her particular situatin. The Trust will stp prcessing the individual s persnal data unless the prcessing is fr the establishment, exercise r defence f legal claims, r, where the Trust can demnstrate cmpelling legitimate grunds fr the prcessing, which verride the interests, rights and freedms f the individual Where persnal data is prcessed fr direct marketing purpses: The Trust will stp prcessing persnal data fr direct marketing purpses as sn as an bjectin is received. The Trust cannt refuse an individual s bjectin regarding data that is being prcessed fr direct marketing purpses Where persnal data is prcessed fr research purpses: The individual must have grunds relating t their particular situatin in rder t exercise their right t bject. Where the prcessing f persnal data is necessary fr the perfrmance f a public interest task, the Trust is nt required t cmply with an bjectin t the prcessing f the data Where the prcessing activity is utlined abve, but is carried ut nline, the Trust will ffer a methd fr individuals t bject nline. 15 Autmated decisin making and prfiling 15.1 Individuals have the right nt t be subject t a decisin when: It is based n autmated prcessing, e.g. prfiling. It prduces a legal effect r a similarly significant effect n the individual The Trust will take steps t ensure that individuals are able t btain human interventin, express their pint f view, and btain an explanatin f the decisin and challenge it When autmatically prcessing persnal data fr prfiling purpses, the Trust will ensure that the apprpriate safeguards are in place, including: Ensuring prcessing is fair and transparent by prviding meaningful infrmatin abut the lgic invlved, as well as the significance and the predicted impact. Using apprpriate mathematical r statistical prcedures. Implementing apprpriate technical and rganisatinal measures t enable inaccuracies t be crrected and minimise the risk f errrs. Securing persnal data in a way that is prprtinate t the risk t the interests and rights f the individual and prevents discriminatry effects.

9 15.4 Autmated decisins must nt cncern a child r be based n the prcessing f sensitive data, unless: The Trust has the explicit cnsent f the individual. The prcessing is necessary fr reasns f substantial public interest n the basis f Unin/Member State law. 16 Privacy by design and privacy impact assessments 16.1 The Trust will act in accrdance with the GDPR by adpting a privacy by design apprach and implementing technical and rganisatinal measures which demnstrate hw the Trust has cnsidered and integrated data prtectin int prcessing activities Data prtectin impact assessments (DPIAs) will be used t identify the mst effective methd f cmplying with the Trust s data prtectin bligatins and meeting individuals expectatins f privacy DPIAs will allw the Trust t identify and reslve prblems at an early stage, thus reducing assciated csts and preventing damage frm being caused t the Trust s reputatin which might therwise ccur A DPIA will be carried ut when using new technlgies r when the prcessing is likely t result in a high risk t the rights and freedms f individuals A DPIA will be used fr mre than ne prject, where necessary High risk prcessing includes, but is nt limited t, the fllwing: Systematic and extensive prcessing activities, such as prfiling Large scale prcessing f special categries f data r persnal data which is in relatin t criminal cnvictins r ffences The use f CCTV The Trust will ensure that all DPIAs include the fllwing infrmatin: A descriptin f the prcessing peratins and the purpses An assessment f the necessity and prprtinality f the prcessing in relatin t the purpse An utline f the risks t individuals The measures implemented in rder t address risk Where a DPIA indicates high risk data prcessing, the Trust will cnsult the ICO t seek its pinin as t whether the prcessing peratin cmplies with the GDPR. 17 Data breaches 17.1 The term persnal data breach refers t a breach f security which has led t the destructin, lss, alteratin, unauthrised disclsure f, r access t, persnal data The Data Prtectin Officer will ensure that all staff members are made aware f, and understand, what cnstitutes a data breach as part f their CPD training Where a breach is likely t result in a risk t the rights and freedms f individuals, the Trust will reprt the breach t the Infrmatin Cmmissiner s Office (ICO) All ntifiable breaches will be reprted t the ICO within 72 hurs f the Trust becming aware f it The risk f the breach having a detrimental effect n the individual, and the need t ntify the ICO, will be assessed n a case-by-case basis In the event that a breach is likely t result in a high risk t the rights and freedms f an individual, the Trust will ntify thse cncerned directly A high risk breach means that the threshld fr ntifying the individual is higher than that fr ntifying the relevant supervisry authrity In the event that a breach is sufficiently serius, the public will be ntified withut undue delay.

10 17.9 The Trust will implement effective and rbust breach detectin, investigatin and internal reprting prcedures, which facilitate decisin-making in relatin t whether the ICO r the public need t be ntified Within a breach ntificatin, the fllwing infrmatin will be utlined: The nature f the persnal data breach, including the categries and apprximate number f individuals and recrds cncerned The name and cntact details f the DPO An explanatin f the likely cnsequences f the persnal data breach A descriptin f the prpsed measures t be taken t deal with the persnal data breach Where apprpriate, a descriptin f the measures taken t mitigate any pssible adverse effects Failure t reprt a breach when required t d s may result in a fine, as well as a fine fr the breach itself. 18 Data security 18.1 Cnfidential paper recrds must be stred in a lcked filing cabinet, drawer r safe, with restricted access. Cnfidential paper recrds must nt be left unattended r in clear view anywhere with general access Digital data stred n-site is regularly backed up ff-site Remvable media such as USB drives and prtable hard drives will nt be used t hld persnal infrmatin unless they are passwrd-prtected and fully encrypted All cmputing equipment must be passwrd-prtected t prtect the infrmatin n the device frm unauthrised access. All prtable cmputing equipment, fr example laptps, must be encrypted Where pssible, the Trust will remtely blck r delete persnal data (fr which the Trust is the data cntrller) stred n an electrnic device in case f theft r if the device is the persnal equipment f an emplyee wh is leaving the Trust s emplyment. T facilitate this, Staff and gvernrs wishing t access their Trust accunt via a mbile device must nly d s using either a web brwser r via the Micrsft Outlk Applicatin: Apple Andrid Windws Mbile 13.4 Staff and gvernrs must nt stre (I.E. dwnlad r save n t) persnal data fr which the Trust is the data cntrller n their persnal laptps r cmputers (including mbile phnes) Staff and gvernrs must nt use persnal clud strage systems (e.g. Drpbx, Bx, Ggle Drive) t stre r transfer data. The use f a Trust implemented system (OneDrive at time f writing) is permitted s cntaining sensitive r cnfidential infrmatin must be prtected using the Trust s secure system Circular s t parents are sent blind carbn cpy (bcc), s addresses are nt

11 disclsed t ther recipients When sending cnfidential infrmatin by fax r , staff will always check that the recipient is crrect befre sending Where persnal infrmatin that culd be cnsidered private r cnfidential is taken ff the premises, either in electrnic r paper frmat, staff will take extra care t fllw the same prcedures fr security, e.g. keeping devices under lck and key. The persn taking the infrmatin frm the Trust premises accepts full respnsibility fr the security f the data. N electrnic data shuld be taken ff premises unless the device it is stred upn is encrypted Befre sharing data, all staff members will ensure: They are allwed t share it. That adequate security is in place t prtect it. Wh will receive the data has been utlined in a privacy ntice Under n circumstances are visitrs allwed access t cnfidential r persnal infrmatin. Visitrs t areas f the Trust cntaining sensitive infrmatin are supervised at all times The physical security f the Trust s buildings and strage systems, and access t them, is reviewed n a termly basis. If an increased risk in vandalism/burglary/theft is identified, extra measures t secure data strage will be put in place The Trust takes its duties under the GDPR seriusly and any breach f this plicy may result in disciplinary actin The Trust business manager is respnsible fr cntinuity and recvery measures are in place t ensure the security f prtected data. 19 Publicatin f infrmatin 19.1 The Trust will publish a publicatin scheme n its website utlining classes f infrmatin that will be made rutinely available, including: Plicies and prcedures Minutes f meetings Annual reprts Financial infrmatin 19.2 Classes f infrmatin specified in the publicatin scheme are made available quickly and easily n request The Trust will nt publish any persnal infrmatin, including phts, n its website withut the cnsent f the affected individual When uplading infrmatin t the Trust website, staff are cnsiderate f any metadata r deletins which culd be accessed in dcuments and images n the site. 20 CCTV and phtgraphy 20.1 The Trust understands that recrding images f identifiable individuals cnstitutes as prcessing persnal infrmatin, s it is dne in line with data prtectin principles The Trust ntifies all pupils, staff and visitrs f the purpse fr cllecting CCTV images via ur privacy ntices Cameras are nly placed where they d nt intrude n anyne s privacy and are necessary t fulfil their purpse All CCTV ftage will be kept in accrdance with the retentin schedule. The Business Manager is respnsible fr keeping the recrds secure and allwing access The Trust will always indicate its intentins fr taking phtgraphs f pupils and will ask fr cnsent befre publishing them If the Trust wishes t use images/vide ftage f pupils in a publicatin, such as the Trust website, prspectus, r recrdings f schl plays, written permissin will be sught fr the particular usage frm the parent f the pupil if the pupil is under 13 years f age, and frm the pupil themselves therwise. 21 Data retentin

12 21.1 Data will nt be kept fr lnger than is necessary, and always in accrdance with the Trust s published retentin schedule Unrequired data will be securely dispsed f as sn as practicable Sme educatinal recrds relating t frmer pupils r emplyees f the Trust may be kept fr an extended perid fr legal reasns, but als t enable the prvisin f references r academic transcripts Paper dcuments will be shredded r pulped, and electrnic data securely deleted, nce the data shuld n lnger be retained. 22 Breach f the plicy 22.1 Nn-cmpliance with the requirements f this plicy culd lead t serius actin being taken by third parties against the Trust. Nn-cmpliance is therefre cnsidered a disciplinary matter which, depending n the circumstances, culd lead t dismissal. It shuld be nted that an individual can cmmit a criminal ffence under the Act, fr example, by btaining and disclsing persnal data fr their wn purpses withut the cnsent f the data cntrller. 23 Plicy review 23.1 This plicy is reviewed every tw years by the Business Manager and the Chief Executive Officer The next scheduled review date fr this plicy is May 2019.