keeping our data secure and relevant
At The White Hills Park Trust we take data protection and your rights as an individual very seriously. We have worked hard to ensure the appropriate policies and procedures are in place across our academies so we are compliant; that we collect and process data responsibly; and that we store and dispose of information in accordance with the law.
The General Data Protection Regulation (GDPR) came into effect on 25th May 2018.
The GDPR forms part of the data protection regime in the UK, together with the Data Protection Act 2018 (DPA 2018). More information on data protection can be found by visiting the Information Commissioners Office at www.ico.co.uk.
We collect and use personal information about staff, students, parents and other individuals who come into contact with the Trust. This information is gathered in order to enable us to provide education and other associated functions. In addition, there may be a legal requirement to collect and use information to ensure that the Trust complies with our statutory obligations.
Each Trust school has their own Management and Retention of Records Policy and Privacy Notices which can be found on their respective websites.
Subject Access Requests
Individuals have a right to make a Subject Access Request to gain access to the personal information that the Trust holds about them. When dealing with Subject Access Requests, the Trust and Trust academies will always follow current data protection and other legislative guidance. The latest information from the ICO regarding access to pupils' information can be found here.
As a Multi Academy Trust, a student or parent/carer (person with parental responsibility/legal guardian) does not have a legal right to access a child’s educational record. It will be up to the Trust to decide whether to grant such access.
Please refer to the Information Commissioner's Office Subject Access Request Guidance for further information.
How do I request information?
If you wish to request information we hold about you, please make a Subject Access Request to the Trust in writing. Any written request from the individual (Data Subject) will be considered as a valid request, as long as it contains the relevant information to enable us to deal with your request:
- Your name
- Correspondance address
- Contact number
- Email address
- Clear details of the information or data you would like to access
If you are requesting information on behalf of someone else you must also provide written evidence that you have the Data Subject’s authority to ask for the information on their behalf, for example a signature on the Subject Access Request, a letter written by them, evidence of Power of Attorney, etc.
In either case, the request should be sent to:
Trust Operations Director
Bramcote College, Moor Lane, Bramcote, Nottinghamshire, NG9 3GA
If your Subject Access Request is valid and approved, you will be provided with either a printout or a photocopy of paper records. Where information is requested to be provided digitally (such as by email), we will only agree to this if it can be sent via an approved secure method in line with GDPR.
We will contact you to advise if we are unable to approve your request.
Do I need proof of identity?
If you are not known to the Trust or Trust academies, we may ask to see proof of your identity. The following forms of identity will be accepted as proof of identity:
- A copy of your passport
- A copy of your driving licence
- A copy of your Bank, Building Society or Credit Card statement in the Data Subject's name for the last quarter
- A copy of your Council Tax bill
Will I be charged for information provided?
We will follow guidance within current Data Protection legislation in relation to charges for information. See the ICO website for further information.
What do I do if the data is incorrect?
Please contact the Trust to tell us what is incorrect and ask for it to be corrected. You can also appeal to the Information Commissioner if we do not correct the information.