The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU). Since the Regulation applies regardless of where websites are based, it must be heeded by all sites that attract European visitors, even if they don’t specifically market goods or services to EU residents. Adopted in April 2016, the Regulation came into full effect in May 2018, after a two-year transition period.
As a school, we take GDPR compliance seriously. We have an external Data Protection Officer (DPO) who challenges and supports school to make sure that we are compliant. In April 2020, our DPO completed a thorough audit to identify our strengths and areas for improvement.
We have a GDPR Committee who meet at least termly in order to review current practice and procedures. The members of this committee are: