Eden Academy Trust

Privacy Statements

 

Eden Academy Trust

Privacy notice 

 

 

Table of Contents

Introduction. 3

Who are we?. 3

What information do we collect and why do we require it?. 3

Who do we obtain your information from?. 4

Who do we share your personal data with?. 4

How long do we keep your personal data for?. 4

Do you transfer my data outside of the UK?. 4

What is our lawful basis for processing your personal data?. 4

What rights do you have over your data?. 5

 

Introduction

 

This privacy notice has been written to inform governors of Eden Academy Trust about what we do with your personal information.

Who are we?

 

Eden Academy Trust is a ‘Data controller’ as defined by Article 4 of GDPR. This means that we determine the purposes for which, and the way your personal data is processed. We have responsibility to you and your personal data and will only collect and use this in ways which are compliant with data protection legislation.

The trust has appointed Scott Thornhill from ADNS Group to be its data protection officer (DPO). The role of the DPO is to ensure that the Trust is compliant with GDPR and to oversee data protection procedures. ADNS Group details are:

 

What information do we collect and why do we require it?

 

As part of your governor role within the trust, Eden Academy Trust may need to assess your suitability for the role. This means that we need to collect information about you to facilitate this.

The personal data we collect about you includes:

  • Personal identifiers (you name, address, contact details)
  • Personal information relating to your role (i.e., if you are a parent governor etc)
  • Information relating to the history of your appointment
  • Register of business interests
  • Race and/or ethnicity may be collected for equality monitoring purposes.

 

 

Who do we obtain your information from?

 

Much of the information we process will be obtained directly from your application form. However, we may need to collect data about you from, but not necessarily limited to, the following organisations.

  • The disclosure of barring service
  • The local authority

Who do we share your personal data with?

 

Your information will only be made available to those who need it to do their job in relation to your role as a governor. This includes the relevant administrative staff.

We will share information with the following organisations:

  • Disclosure and barring service to conduct criminal record checks, if applicable.
  • Department for education
  • Local authority- governor support.

How long do we keep your personal data for?

 

The trust will keep your data in line with our information policy. Most of the information we process about you will be determined by statutory obligations. Any personal information which we are not required by law to retain will only be kept for as long as necessary to fulfil our organisational needs.

Do you transfer my data outside of the UK?

 

Generally, the information that the trust holds is all held within the UK. However, some information may be held on computer servers which are held outside of the UK. We will take all reasonable steps to ensure your data is not processed in a country that is not seen as ‘safe’ by the UK government. If we do need to send your data out of the European Economic area it will ensure it has extra protection from loss or unauthorised access.

What is our lawful basis for processing your personal data?

 

The trust processes your personal data and special category data based on its legal responsibilities to:

  • Safeguard pupils it has responsibility for.
  • Maintain adequate health and safety standards.
  • Monitor equality and diversity at our Trust.

The trust relies on article 6(1) c and article 9(2)b of the GDPR to process your personal and special category data.

 

 

What rights do you have over your data?

 

Under the GDPR individuals have the following rights in relation to the processing of their personal data:

  • To be informed about how we process your personal data. This notice fulfils this obligation.
  • To request access to your personal data that we hold and be provided with a copy of it.
  • To request that your personal data is amended if inaccurate or incomplete.
  • To request your personal data is erased where there is no compelling reason for its continued processing.
  • To request that the processing of your personal data is restricted.
  • To object to your personal data being processed.

You can exercise any of these rights by contacting *insert point of contact of the trust*

If you have any concerns about the way, we have handled your personal data or would like any further information, then please contact our DPO on the address provided above.

If we cannot resolve your concerns, you may also complain to the information commissioner’s office (the data protection regulator). You can do so by contacting:

 

First Contact Team

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow Cheshire

SK9 5AF

casework@ico.org.uk  // 0303 123 1113