Privacy Notice


Fitzharrys School Data Protection: Overview Statement

Fitzharrys School is a data controller.  We aim to adhere to the requirements of the GDPR (General Data Protection Regulation) which came into force in the UK in May 2018.

We keep and process personal data on students, staff, contractors and visitors to the school.  We share student data with other organisations including the local authority, central government, examination bodies.  We hold and process data that is needed to further the education and welfare of students and staff.  In the vast majority of circumstances, we do not need consent to do this as the data processing is necessary in order to comply with the school’s legal obligations and/or to enable us to perform tasks in the public interest. 

In brief, we undertake to:

  • Regularly review the information we collect and store, including keeping it up to date.
  • Keep sensitive data secure and regularly review who has access to the data.
  • Regularly review how long we keep information for and dispose of information securely.
  • Have a named data protection officer (DPO) to whom enquiries can be directed and who is the first point of contact in the school for all matters relating to data protection.
  • Request and obtain consent for the use of data when this is required – for instance before we use images of students for promotional or advertising material.
  • Respond within one month to enquiries received in writing relating to data protection.

All enquiries relating to data protection should be directed to the Data Protection Officer at the school; contact the Data Protection Officer for more information.

More information on Freedom of Information and Data Protection can be found on our Policies page.

Together Everyone Achieves More