General Data Protection Regulation
On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation (GDPR) takes effect in the European Union (EU). The GDPR expands the privacy rights granted to EU individuals, and it places many new obligations on organizations that market to, track or handle EU personal data, no matter where an organization is located.
All of the documents and information relate to all schools within the Launceston College MAT, unless stated otherwise.
Launceston College MAT GDPR compliance statement
Launceston College MAT is compliant with GDPR.
- We have published a privacy notice for students
- We have published a privacy notice for staff (including volunteers, governors, etc).
- We have performed a data audit to confirm all organisations that we share data with.
- We have contacted these organisations to ensure that they are themselves GDPR compliant. Any who are not compliant will be instructed to delete all personally identifiable data related to schools in the Launceston College MAT
- We have a notification process in place for any breach
- We have a subject access request process
- We have a right to erasure process
- We have provided training for our staff regarding GDPR
When processing data we undertake the following:
- The processing is lawful, fair and transparent
- Transparent about what the data is being used for
- Data is collected for a specific purpose
- The data is necessary for the purpose
- The data must be accurate and kept up to date
- Data is not kept for longer than necessary
- The data is kept safe and secure
- All storage is secure and our suppliers have GDPR procedures in place.
If you have any queries regarding GDPR in the Launceston College MAT, please email firstname.lastname@example.org
Claire Penfold is the DPO for the Launceston College MAT, for enquiries, please email email@example.com