Policy Information & Data Protection
You will need PDF Reader to view the documents in our policy section. If you do not have it please download from here.
The Data Protection Act 1998 has now been superseded by the GDPR Act 2018, which significantly extends the scope of data protection law. It applies to all personnel data held not just those in electronic form.
The trust needs to record:
- Name and details of your organisation (and where applicable, of other controllers, your representative and data protection officer).
- Purpose and lawful reason for the processing the data
- Description of the categories of individuals and categories of personal data.
- Categories of recipients of personal data.
- Details of transfers to third countries including documentation of the transfer mechanism safeguards in place.
- Retention schedules.
- Description of technical and organisational security measures.
The GDPR act also lists individual’s rights on the data being held and that trust must do Data Impact assessments when using new technologies or that processing is likely to result in a high risk to the rights and freedoms of individuals e.g. large scale, systematic monitoring of public areas (CCTV).
Data Protection Officer
STARMAT Central Policies
For access to other policies that apply to all STARMAT schools, click here.