GDPR (General Data Protection Regulation) came into force on 25th May 2018. GDPR is a European Union Law that strengthens and unifies data protection for individuals and in conjunction with the Data Protection Act 2018 replaces the Data Protection Act 1998.
Our Data Protection Officer (DPO) is Mrs. K. Cox.
All the below policies define how Ashtree Primary & Nursery School holds personal information and ensures that we are compliant with GDPR.
- GDPR Privacy Notice Test and Trace Sep2020 (432.31KB)
- Privacy Notice for Parents & Carers (109.63KB)
- Data Protection Policy (249.65KB)
- E-Safety and Data Security Policy (395.85KB)
- Privacy Notice for Pupils (121.52KB)
- Privacy Notice for Staff (177.00KB)
- Privacy Notice for Governors (124.91KB)
- Data Breach Response Plan (229.96KB)
Requesting access to your personal data
Under data protection legislation, parents / carers have the right to request access to information about them that we hold (“Subject Access Request”). To make a request for your child’s personal data, or be given access to your child’s educational record, contact Mrs K Cox, Data Protection Officer on: dpo@ashtree.herts.sch.uk. Any written request for personal data will be treated as a Subject Access Request.