SGS Academy Trust Privacy Statement

The personal data we collect is essential, for the school to fulfil its official functions and to meet legal requirements.

We collect and use pupil information, for the following purposes:

1. the recruitment, selection and enrolment of pupils;
2. the provision of education to pupils, including the administration of the curriculum and the timetable
3. to support pupil learning
4. to monitor and report on pupil attainment and progress
5. to provide appropriate pastoral care
6. to assess the quality of our services
7. to keep children safe (food allergies, or emergency contact details)
8. to meet the statutory duties placed upon us by the Department for Education

Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing pupil information are:

The SGS Academy Trust’s lawful basis for processing personal data in respect of employee information is that the processing is necessary to fulfil contractual and HMRC obligations, and those within the ‘keeping children safe in education’ statutory guidance.

The lawful basis for processing personal data in respect of enrolment, funding, awarding body registration, teaching, pupil support, performance monitoring and research is that the processing is necessary for the organisation to perform a task in the public interest and for its official functions; these tasks and functions have a clear basis in law.

The lawful basis for processing personal data in respect of alumni relations, internal events, fundraising purposes, direct marketing and marketing research is the pursuit of the Academy Trust’s legitimate interests. (This includes the intra-SGS Group transfer of data for administrative purposes, where those purposes are not detrimental to the rights of the data subject.) SGS Group and its subsidiaries have a lawful basis for further processing, where that processing assists the Trust in achieving its mission and is compatible with the purpose for which the data was initially collected.

SGS Academy Trust and its schools will further process personal data for archiving purposes in the public interest and for research and statistical purposes. The processing of personal data in respect of keeping children safe in education is a legal obligation under the Education Act 2002.

The lawful basis for processing and using photographs is consent. Before we take or use any photographs we will ask pupils (if they are old enough) or a parent or guardian to give permission for us to take and use photographs. When we ask for consent we always explain why we want it and what we will do with it but you do not have to give consent, that is your choice. If you give consent we may use photographs, for example, on display boards or on the school’s website.

When undertaking any major project concerning the processing of personal data, or considering processing that is likely to result in a high risk to individuals’ interests, SGS Academy Trust will undertake a Data Protection Impact Assessment (DPIA).

In addition, when we process personal information concerning any special category data, processing will only be carried out where in line with Regulation 9 of GDPR.

We collect pupil information through our registration forms at the start of the school year or via the Common Transfer File (CTF) from previous schools.

Pupil data is essential for the schools’ operational use. Whilst the majority of pupil information you provide to us is mandatory, some of it is requested on a voluntary basis. In order to comply with the data protection legislation, we will inform you at the point of collection, whether you are required to provide certain pupil information to us or if you have a choice in this and we will tell you what you need to do if you do not want to share this information with us.

We hold pupil data securely for the set amount of time shown in our data retention schedule. For more information on our data retention schedule and how we keep your data safe, please see:

Our Data Privacy & Protection Policy

We have physical, electronic and managerial procedures in place to safeguard and secure the information we collect.

But please remember:

• You provide personal data at your own risk; unfortunately no data transmission is guaranteed to be 100% secure.
• When using school systems, you are responsible for your username and password; please ensure you keep them safe and secret!
• If you believe your privacy has been breached, please contact us immediately by emailing DataPrivacy@sgscol.ac.uk

SGS Academy Trust has a clear process to address and potential personal data breach:

Our Data Privacy & Protection Policy

We routinely share pupil information with:

• schools
• local authorities
• youth support services (for pupils aged 13+)
• the Department for Education (DfE)

We will also share information with the other schools that form part of the SGS Academy Trust and with external organisations when required to do so by law or when it is in the best interests of pupils, for example we may share personal information with the NHS or with providers of educational services, such as Hegartymaths who provide services and tools to help you develop your numeracy and maths (for further details click here) use this link: https://hegartymaths.com/files/HM_General_Privacy_Notice.pdf

We will share ordinary personal data with the parents [or guardians] of learners under the age of 18 for the purposes of keeping parents [or guardians] informed about pupil activities, progress, behaviour and attainment; and in the interests of a pupil welfare, unless, in our opinion, there is a good reason not to.

We do not share information about our pupils with anyone unless we are required to do so by law or where doing so would be in the pupils interest.

Pupils aged 13+

Once pupils reach the age of 13, we also pass pupil information to our local authority or provider of youth support services as they have responsibilities in relation to the education or training of 13-19 year olds under section 507B of the Education Act 1996.

This includes:

• youth support services
• careers advice

A parent or guardian can object to any information in addition to their child’s name, address and date of birth being passed to their local authority or provider of youth support services by informing us. This right is transferred to the pupil once they reach the age 16

Data is securely transferred to the youth support service via secure file transfer.

Pupils aged 16+

We will also share certain information about pupils aged 16+ with our local authority or provider of youth support services as they have responsibilities in relation to the education or training of 13-19 year olds under section 507B of the Education Act 1996.

This includes:

• post-16 education and training
• youth support services
• careers advisers

Once a pupil reaches the age of 16 they can object to their name, address and date of birth being passed to their local authority or provider of youth support services by informing us.

Data is securely transferred to the youth support service via secure file transfer.

For more information about services for young people, please visit our local authority website.

The Department for Education (DfE) collects personal data from schools and local authorities via various statutory data collections. We are required to share information about our pupils with the Department for Education (DfE) either directly or via our local authority for the purpose of those data collections, under:

• Section 3 of The Education (Information About Individual Pupils) (England) Regulations 2013.
• Regulation 5 of The Education (Information About Individual Pupils) (England) Regulations 2013.

All data is transferred securely and held by DfE under a combination of software and hardware controls, which meet the current government security policy framework.

For more information, please see ‘How Government uses your data’ section.

Local Authorities

We may be required to share information about our pupils with the local authority to ensure that they can conduct their statutory duties under

• the Schools Admission Code, including conducting Fair Access Panels.

Pupils and their parents or guardians have the right to request access to the information we hold about them. To make a request for your personal information, or be given access to your child’s educational record, please contact the Designated Data Controller for the relevant school as below:

Depending on the lawful basis above, you may also have the right to:

• object to processing of personal data that is likely to cause, or is causing, damage or distress
• prevent processing for the purpose of direct marketing
• object to decisions being taken by automated means
• in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
• a right to seek redress, either through the ICO, or through the courts

If you would like to excerise any of your rights or you are concerned about the way we are collecting or using your personal data, you should raise your concern with us in the first instance by contacting the SGS Data Protection Officer at DataPrivacy@sgscol.ac.uk or by writing to:

Data Protection Office
SGS Multi Academy Trust
Stratford Road, Stroud
Gloucestershire, GL5 4AH

DataPrivacy@sgscol.ac.uk
0800 0567 253 / 0117 931 2121 / 01453 763 424

Alternatively, you can raise your concern with the Information Commissioner’s Office at: https://ico.org.uk/concerns/

For further information on how to request access to personal information held centrally by DfE, please see the ‘How Government uses your data’ section of this notice.

Changes of details: The SGS Academy Trust takes all reasonable steps to ensure that personal data, held in relation to pupils, is as up to date and accurate as possible. However the Academy Trust expects that individual pupils will notify their school of any significant changes to important information, such as contact details.

We may use cookies or other technologies to help provide an effective online presence, offer you a more personalised user experience and market products and services to you.