General Data Protection Regulation (GDPR)

The General Data Protection Regulations (GDPR) came into effect on 25th May 2018 bringing with it higher standards of transparency, enhanced data security and increased accountability for processing personal data. Please view our Data Protection Policy (below) to see how we comply with the requirements of the legislation.

What does the GDPR mean for schools?
The GDPR brought a new responsibility to inform parents and stakeholders about how they are using pupils’ data and who it is being used by. 

A great deal of the processing of personal data undertaken by schools falls under the lawful basis of ‘public interest’.

As it is in the public interest to operate schools successfully, it means that in the majority of cases, specific consent is not required for schools to process personal data. 

Please view our Privacy Notice (below) to see how we use our pupils personal data, and who it may be shared with.

The GDPR ensures personal data is protected and gives individuals more control over their information and how it is used.

Schools must appoint a Data Protection Officer and must be able to prove that they are compliant with the legislation.

Our Data Protection Officers are:

HY Education 
Reed House
Hunters Lane
Greater Manchester
OL16 1YL
Tel: 0161 543 8884

All data breaches which are likely to have a detrimental effect on the individual must be reported to the Information Commissioners Office (ICO) within 72 hours of discovery.

The ICO are the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

Further information about the ICO can be found at the ICO website.

Files to Download

Student Login