General Data Protection Regulation (GDPR)
What is GDPR?
This refers to the General Data Protection Regulation which superseded the Data Protection Act 1998, on 25 May 2018.
The legislation is designed to ‘harmonise’ data privacy laws across Europe, as well as give greater protection and rights to individuals. Within the GDPR there are large changes for the public, as well as businesses and bodies, that handle personal information. In essence, it is about protecting personal data and how it is used. It gives individuals greater control and say over how their personal data is used.
GDPR defines personal data as:
Any information relating to an identified or identifiable person (known as a Data Subject).
An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an ID number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.
Westcountry Schools Trust is the data controller for Stowford School.