Privacy Policy

A full version of the school's Privacy Policy can be accessed by following the link on the right hand side of this page.

Annex A - Newland House School Privacy Policy

Parents or guardians of children at the school or applying to join the school
 
Introduction
 
The EU General Data Protection Regulation (GDPR) includes rules on giving privacy information to those whose data is held by an organisation (data subjects). These are more detailed and specific than in the Data Protection Act and place an emphasis on making privacy Policies understandable and accessible. Data controllers are expected to take ‘appropriate measures’ to ensure that this is the case.
 
The school interprets this as using very clear language to outline each of the responsibilities for each of the data subject groups.
 
The GDPR say that the information provided to data subjects about how the school processes their personal data must be:
  • Concise, transparent, intelligible and easily accessible;
  • Written in clear and plain language, particularly if addressed to a child; and
  • Free of charge.
These requirements are about ensuring that privacy information is clear and understandable for data subjects. Our Privacy Policy deals with the overall privacy responsibilities of the school and includes, as annexes the particular policies that apply to parents, pupils under the age of 13, pupils over the age of 13, staff, Governors and alumni.   
 
This annex deals with two sources of data, that obtained directly from the subject and, data not obtained directly from the subject. For both sources the identity and contact details of the data handler (and where applicable, the handler’s representative) and the data controller are provided.
 

Content

This Privacy Policy will be provided to you at the time your data is being obtained, if it is being obtained directly. 
 
Data will be processed for the purposes of responding to requests for information about joining the school and the school will therefore have a “legitimate interest” for processing basic personal data and sensitive personal data.  The data the school holds will be the minimum it requires to form and maintain the contract between you and the school.
The school will share your data with companies who have contracts with the school and who have equalled the school’s precautions and systems for dealing with data, for example:
  • Catering (Holroyd Howe)
  • Photography (Tempest)
  • School Insurers (Marsh)
  • IT software providers:
  • Microsoft
  • WCBS Financial & Academic Software
  • Firefly Online Learning and Information Platform
  • ParentMail
  • Parent Evening Booking System
The list is not exhaustive and the companies may change from time to time.
 
It is not necessary for data to be shared with other countries. The exception to this will be international trips that the school organises, should this be envisaged for your child, you will be contacted for your consent, the consent will be limited in time and content if it be required.
 
The retention period for pupil data will be until the pupil reaches the age of 25, or be modified by any other legal obligation the school finds itself under.
You have the right to withdraw your consent to data processing at any time, however this will only apply to certain groups of data for which you have given particular consent. 
 
You can complain at any time about how the school has handled your data; the Information Commissioner is available as follows:
ICO helpline is 0303 123 1113.  A template letter, should you need it is at Annex A(i) of the Privacy Policy.
 
We will obtain the data the school requires from you; should we need data from other sources we will contact you within a month. 
 
We see the provision of personal data as necessary to properly admit you child to the school and to administer, and for the school to fulfil its obligations under the contract once your child is a pupil here. 
 
There is no automated decision making or profiling involved in this data stream into and through the school.