Data Protection

Cardinal Newman Catholic School processes a considerable amount of information, including personal data about the students, parents and staff it serves, to allow it to provide services effectively.  The School recognises that this information is important and that it has a responsibility to the people of the school regarding the information it holds about them  As such, it takes seriously its responsibilities to ensure that any personal information it collects and uses is done so proportionately, correctly and safely.

How we use your personal data and who it may be shared with can be found in the School's Privacy Policy.

The Data Protection Act 2018 and General Data Protection Regulations sets out rules for processing personal information which Cardinal Newman Catholic School has to keep to when using your personal information.

  1. Processed lawfully, fairly and in a transparent manner
  2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
  4. Accurate and where necessary kept up to date
  5. Kept for no longer than necessary for the purposes for which the personal data are processed
  6. Processed in a manner that ensures appropriate security of the personal data.

We are still required to have a registration with the Information Commissioner regarding the types of personal information we process and the purposes it is used for and who we share it with. You can see what is recorded on our Data Protection Notification entry if you search for Carrdinal Newman Catholic School on the Information Commissioner's web site.

Our Data Protection Policy outlines our approach to compliance with the Act.

Your Rights

The Data Protection Act 2018 gives individuals a number of rights:

  1. The right to be informed of what information is held about them, what it is used for and to whom it may be shared
  2. The right of access to the information held
  3. The right to rectification - to have information corrected or destroyed
  4. The right to erasure or to be 'forgotten'
  5. The right to restrict processing (unless it is a mandatory function of the Council)
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.

Individuals have the right to request their personal information we hold about them by making a subject access request.

In this section: