The General Data Protection Regulation (GDPR)
The EU’s General Data Protection Regulation (GDPR) is the result of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used. The GDPR came into force on Friday 25 May 2018.
Currently, the UK relies on the Data Protection Act 1998, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data.
The Spencer Academies Trust takes changes to Data Protection requirements very seriously. The appropriate mechanisms have been set up in schools to ensure that we are compliant; collect and use data responsibility, and that information provided to us, which is necessary to run Trust schools will be collected, stored and disposed of in accordance with the law.