Skip to content ↓

Grange Park School

Learning for Life - Personalised Pathways for All

  • Font size
    A A A A
  • Background colour

Privacy Notice - Pupils

HOW WE USE YOUR DATA

You have a legal right to be informed about how our school uses any personal information that we hold about you.  To comply with this, we provide a ‘privacy notice’ to you where we are processing your personal data.

This privacy notice explains how we collect, store and use personal data about you.

We, Grange Park School, Borough Green Road, Wrotham, Kent, TN15 7RD, are the ‘data controller’ for the purposes of data protection law.

Our Data Protection Officers are James Stone and Babatunde Adegbenjo and our Data Protection Lead is Ms McNally (see ‘Contact us’ below).

 

The personal data we hold

We hold some personal information about you to make sure we can help you learn and look after you at school.

For the same reasons, we get information about you from some other places too – like other schools, the local council and the government.

This information includes:

  • Your contact details

  • Your test results

  • Your attendance records

  • Your characteristics, like your ethnic background or any special educational needs

  • Any medical conditions you have

  • Details of any behaviour issues or exclusions

  • Photographs

  • CCTV images

 

Why we use this data

We use this data to help run the school, including to:

  • Get in touch with you and your parents when we need to

  • Check how you’re doing in exams and work out whether you or your teachers need any extra help

  • Track how well the school as a whole is performing

  • Look after your wellbeing

 

Our lawful basis for using this data

We will only collect and use your information when the law allows us to. Most often, we will use your information where:

  • We need to comply with the law

  • We need to use it to carry out a task in the public interest (in order to provide you with an education)

Sometimes, we may also use your personal information where:

  • You, or your parents/carers have given us permission to use it in a certain way

  • We need to protect your interests (or someone else’s interest)

Where we have got permission to use your data, you or your parents/carers may withdraw this at any time.  We will make this clear when we ask for permission, and explain how to go about withdrawing consent.

Some of the reasons listed above for collecting and using your information overlap, and there may be several grounds which mean we can use your data.

 

Collecting this information

While in most cases you, or your parents/carers, must provide the personal information we need to collect, there are some occasions when you can choose whether or not to provide the data.

We will always tell you if it’s optional. If you must provide the data, we will explain what might happen if you don’t.

 

How we store this data

We will keep personal information about you while you are a pupil at our school.  We may also keep it after you have left the school, where we are required to by law.

We have a Records Management Policy (Information Management Toolkit for Schools) which sets out how long we must keep information about pupils.

A copy of the Toolkit is available at:

http://www.kelsi.org.uk/school-management/data-and-reporting/access-to-information/records-management

 

Data sharing

We do not share personal information about you with anyone outside the school without permission from you or your parents/carers, unless the law and our policies allow us to do so.

Where it is legally required, or necessary for another reason allowed under data protection law, we may share personal information about you with:

  • Our local authority – to meet our legal duties to share certain information with it, such as concerns about pupils’ safety and exclusions

  • The Department for Education (a government department)

  • Your family and representatives

  • Educators and examining bodies

  • Our regulator (the organisation or “watchdog” that supervises us),  e.g. Ofsted

  • Suppliers and service providers – so that they can provide the services we have contracted them for

  • Financial organisations

  • Central and local government

  • Our auditors

  • Survey and research organisations

  • Health authorities

  • Security organisations

  • Health and social welfare organisations

  • Professional advisers and consultants

  • Charities and voluntary organisations

  • Police forces, courts, tribunals

  • Professional bodies

 

National Pupil Database

We are required to provide information about you to the Department for Education (a government department) as part of data collections such as the school census.

Some of this information is then stored in the National Pupil Database, which is managed by the Department for Education and provides evidence on how schools are performing.  This, in turn, supports research.

The database is held electronically so it can easily be turned into statistics.  The information it holds is collected securely from schools, local authorities, exam boards and others.

The Department for Education may share information from the database with other organisations which promote children’s education or wellbeing in England.  These organisations must agree to strict terms and conditions about how they will use your data.

You can find more information about this on the Department for Education’s webpage on how it collects and shares research data.

You can also contact the Department for Education if you have any questions about the database.

 

Youth support services

Once you reach the age of 13, we are legally required to pass on certain information about you to Kent County Council, as it has legal responsibilities regarding the education or training of 13-19 year-olds.

This information enables it to provide youth support services, post-16 education and training services, and careers advisers.

Your parents/carers, or you once you’re 16, can contact our Data Protection Lead to ask us to only pass your name, address and date of birth to Kent County Council.

 

Transferring data internationally

Where we share data with an organisation that is based outside the European Economic Area, we will protect your data by following data protection law.

 

Your rights

How to access personal information we hold about you

You can find out if we hold any personal information about you, and how we use it, by making a ‘subject access request’, as long as we judge that you can properly understand your rights and what they mean.

If we do hold information about you, we will:

  • Give you a description of it

  • Tell you why we are holding and using it, and how long we will keep it for

  • Explain where we got it from, if not from you or your parents

  • Tell you who it has been, or will be, shared with

  • Let you know if we are using your data to make any automated decisions (decisions being taken by a computer or machine, rather than by a person)

  • Give you a copy of the information

You may also ask us to send your personal information to another organisation electronically in certain circumstances.

If you want to make a request please contact our Data Protection Lead.

 

Your other rights over your data

You have other rights over how your personal data is used and kept safe, including the right to:

  • Say that you don’t want it to be used if this would cause, or is causing, harm or distress

  • Stop it being used to send you marketing materials

  • Say that you don’t want it used to make automated decisions (decisions made by a computer or machine, rather than by a person)

  • Have it corrected, deleted or destroyed if it is wrong, or restrict our use of it

  • Claim compensation if the data protection rules are broken and this harms you in some way

 

Complaints

We take any complaints about our collection and use of personal information very seriously.

If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.

To make a complaint, please contact our Data Protection Lead.

Alternatively, you can make a complaint to the Information Commissioner’s Office:

  • Report a concern online at https://ico.org.uk/concerns/

  • Call 0303 123 1113

  • Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

 

Contact us

If you have any questions, concerns or would like more information about anything mentioned in this privacy notice, in the first instance please contact our:

Data Protection Lead:

  • Zoe McNally, Business Manager

zoe.mcnally@grangepark.kent.sch.uk

Data Protection Officers are:

  • James Stone and Babatunde Adegbenjo

sps-dpo-services@isystemsintegration.com

 

This notice is based on the Department for Education’s model privacy notice for the school workforce, amended to reflect the way we use data in this school.

Cookie Policy