top of page
Library of educational books

GDPR

UK GDPR – General Data Protection Regulation

​

The Data Protection Act 2018 came into force on 25th May 2018 in the UK. The Act implements the General Data Protection Regulation (now UK General Data Protection Act) in national law. The UK GDPR has 2 key objectives:

  1. To facilitate a free movement of data by creating a consistent data protection regime across the Union. 

  2. To provide a framework that more accurately reflects how we use data today and therefore better protect the rights and freedoms of individuals.

​

The school's data protection officer is John Walker
 

Contact details:

J. A. Walker, Solicitor

PHP Law LLP

6 Delamore Park

Cornwood

Ivybridge

PL21 9QP

email: info@jawalker.co.uk

tel: 03337 729763

​

The School's Lead on day to day Data Protection is Ellen Mitchell (admin@sticklepath.org.uk

​

Data Subject Rights

At its core, the UK GDPR is  about ensuring the privacy of the individual. The UK GDPR provides data subjects with 8 rights that they may exercise when their personal data is being processed; these rights support the individual’s overarching right to privacy in their private life.

 

These rights include:

 

Right to be informed: Data subjects should expect to know the identify and contact details of the controller and their representative; why and how your data is being processed; if your data will be shared or passed on; how long your data will be stored; and what your rights are. This information is reflected in the Trust’s Privacy Notices.

 

Right to access: Data subjects have the right to obtain a copy of your personal data as well as to understand how and why your data is being used. This is commonly known as a Subject Access Request.

 

Right to object to automated decision making, including profiling: Where rights apply, data subjects can obtain human intervention; express your point of view; and obtain an explanation of the decision and challenge it. The right does not apply if the processing is required to fulfil a contract; has been authorised by member state law; or is based on explicit consent.

 

Right to object: Data subjects can object to us using your information in certain circumstances (please refer to the UK GDPR for the circumstances). This does not apply when we have lawful bases for processing your data, such as legal obligation or to protect the vital interests of a person.

 

Right to data portability: This right is not absolute. It allows data subjects to obtain/reuse your personal data for your own purposes across different services where data is processed by automated means; the right only applies to information you have provided to a controller. The processing has to be based on consent or where it is necessary to fulfil a contract.

 

Right to restriction: Data subjects can request that the processing of their data be restricted if one of the conditions set out in Article 18 applies (please refer to the UK GDPR for the conditions).

 

Right to erasure: Data subjects can request deletion of the data held about you, but only in certain circumstances, including if the data is no longer necessary for the purposes for which it was collected; if you withdraw consent on which the processing is based and where there is no other legal ground for the processing or you object to the processing and there are no overriding legitimate grounds for the processing; or if the data has been unlawfully processed, is to be erased for compliance with a legal obligation or has been collected in relation to the offer of information society services.

 

Right to rectification: Data subjects have the right to request that your information is updated to be made accurate, in the event where information held by us may no longer be accurate (such as your address). You also have the right to rectification when information we hold about you is incomplete, such as where the digit of a phone number is missing.

 

To exercise these rights, where they apply, please contact us through any of the means indicated on our Contact page.

​

Relevant policy documents and privacy notices (please click on the Tarka logo below to acces)

​

Data Protection Breach & Non Compliance Procedure

Data Breach Management Flowchart

Privacy Notices

Privacy Notice School Workforce

Privacy Notice Pupil

Privacy Notice Job Applicant

Privacy Notice School Trips

Privacy Notice Governors

Subject Access Request Process

Subject Access Form

Privacy Notice - Covid 19

Security Policy

​​

For GDPR policies please go to the Policies section.

​

Trust links for policies and privacy notices (available on the Tarka Website):

​

https://tarkatrust.org.uk/governance-and-policies/governance-2/

https://tarkatrust.org.uk/privacy-notices/

Tarka Learning partnership logo

 

Ellen Mitchell (School Business Manager).  T: 01271 342455     E: admin@sticklepath.tarkatrust.org.uk
Sticklepath Community Primary Academy, Woodville, Barnstaple, Devon EX31 2HH

 

Part of Tarka Learning Partnership 

C/O Roundswell Community School Primary Academy, Claypits Road, Roundswell, Barnstaple Devon EX31 3WJ  T: 01271 433125

​

John Walker - Data Protection Officer 

PHP Law LLP, 6 Delamore Park, Cornwood, Ivybridge PL21 9QP. T: 03337729763  E:info@jawalker.co.uk

Music-Mark-Proud-School-2024-25-RGB.png
School games gold mark achieved logo
rhs_5_star_gardening_school- logo
Sticklepath Community Primary Academy logo
Tarka Leraning logo
Acheivemant for all logo
green Tree School platinum award logo
Devon Primary Scitt logo

© 2018 by Sticklepath Community Primary Academy.

bottom of page