Data Protection and Your Personal Data

Your Data Matters

At Brierley Hill Primary School, we recognise the importance of protecting personal information and handling it responsibly. Personal data is shared in many everyday interactions, such as completing forms, accessing online services or communicating with organisations. Information such as names, addresses and contact details helps services operate efficiently and enables organisations to support the people they serve.

We are committed to ensuring that all personal information relating to pupils, families, staff and visitors is collected, stored and processed safely, securely and lawfully.

Protecting personal data is an important part of safeguarding and maintaining trust within our school community.

Data Protection and GDPR

The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 set out clear legal requirements for how organisations collect, store and use personal information.

These regulations ensure that personal data is:

• Used fairly, lawfully and transparently
• Collected only for specified and legitimate purposes
• Accurate and kept up to date
• Stored securely and protected from misuse
• Retained only for as long as necessary

As a school, we follow these legal requirements carefully and have robust procedures in place to ensure that personal information is handled appropriately at all times.

Privacy Notices

Our Privacy Notice explains how we collect, use and share personal information relating to pupils, parents, carers and staff.

This document outlines:

• What information we collect
• Why we collect it
• Who we may share information with
• The legal basis for processing personal data

The most recent version of our Privacy Notice is available in the Policies section of our website.

Parental Consent

In some circumstances, schools must obtain explicit consent from parents or carers before using certain types of information.

Examples include:

• Taking and using photographs or videos of pupils
• Providing access to certain educational apps or online learning platforms
• Sending communications through school messaging systems or apps

Consent forms are usually issued when pupils join the school and may also be reviewed at the beginning of each academic year.

Parents and carers can update or withdraw their consent at any time by contacting the school office.

Teaching Children About Data Protection

Helping pupils understand how to keep their personal information safe is an important part of our wider online safety and safeguarding curriculum.

Through age-appropriate teaching, pupils learn about:

• protecting their personal information
• staying safe online
• understanding how information can be shared responsibly

To support this learning, we use a range of child-friendly resources, including videos and guided discussions.

Data Protection Impact Assessments

The school carries out Data Protection Impact Assessments (DPIAs) for systems and services that process personal data. These assessments help ensure that appropriate safeguards are in place when using digital platforms and third-party services.

Examples of systems used in school include:

• InVentry
• Juniper Education
• Microsoft Forms
• Microsoft Teams
• Provision Map
• Renaissance Learning
• Rising Stars
• RM Integris
• School Money
• Tapestry
• Wonde
• Zoom
• CPOMS
• Class Charts
• Fisher Family Trust
• GovernorHub
• Insight

If you require further information about these assessments or would like copies of relevant documentation, please contact the school office.

Further Information

For independent guidance about data protection and the safe use of personal information, the following organisations provide helpful resources:

• Information Commissioner’s Office (ICO)
• Dudley Safeguarding Children Partnership

Links to these organisations can be found on their respective websites.