Harlington acknowledges that to function properly we need to collect and use certain types of information about staff, students and other individuals who come into contact with the school. We are also obliged to collect and use data to fulfil our obligations to the Local Authority/Education Department and other bodies (delete as appropriate). We deal with information properly in whatever way it is collected, recorded and used – on paper, electronically or any other way. We regard the lawful and correct treatment of personal information as very important to successful operations and to maintaining confidence between those with whom we deal and ourselves. We are conscious that much of the data we hold is classified as sensitive personal data and we are aware of the extra care this kind of information requires. We ensure that our organisation treats all personal information lawfully and correctly. To this end, we fully endorse and adhere to the data protection principles as contained in the Data Protection Act 1998.
Data protection principles
All members of staff employed in our school are required to adhere to the eight enforceable data protection principles as set out in the Data Protection Act 1998.
- Data shall be processed fairly and lawfully and in particular shall not be processed unless specific conditions are met.
- Personal data shall be obtained only for one or more specified and lawful purpose and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and where necessary, kept up-to-date.
- Personal data shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under the DPA.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
For more information please follow the link below.