The General Data Protection Regulation (GDPR) is an EU regulation that comes into force on 25 May 2018 requiring all organisations to identify changes that need to be made to achieve GDPR compliance in their personal data processing activities. The regulation will put individuals in control of their personal data, allowing them to choose how (and whether) businesses use their data. The new regulation will still apply to organisations once the UK leaves the EU in 2019.

The GDPR provides the following rights for individuals:

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling.

We are providing updated Privacy Notices with regard to how we process data within the Academy Trust and the legal basis that we have for undertaking the collection and processing of information. The revised Privacy Notices can be found here

We will be updating our Data Protection Policy to comply with the requirements of GDPR and linking this to our other policies such as Freedom of information, E-policies and Information Management.

We will be advising in relation to how and why we will use consent as a legal basis for collecting and processing data and how this consent can be removed.

If you have an queries in relation to the way the Academy Trust will meet the requirements of the GDPR please contact our Data Protection Officer- chris.haves@smartacademies.net or by

telephone: 0191 2559351

For more information in relation to GDPR or to raise a concern please follow this link to the  ICO website