GDPR AND Privacy


The General Data Protection Regulation (GDPR) applies to personal data. Within the college we process data on pupils, parents, staff and college governors. We follow the six data protection principles that require that personal data shall be:

  1. Processed fairly, lawfully and transparently.
  2. Obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose(s).
  3. Adequate, relevant and not excessive in relation to the purpose(s) for which it is processed.
  4. Accurate and, where necessary, kept up to date.
  5. Not kept for longer than is necessary for that purpose(s).
  6. Kept secure, i.e. protected by an appropriate degree of security.