Data Protection Policy
What is data protection?
Data protection is the fair and proper use of information about people. It’s part of the fundamental right to privacy – but on a more practical level, it’s really about building trust between people and organisations. It’s about treating people fairly and openly, recognising their right to have control over their own identity and their interactions with others, and striking a balance with the wider interests of society.
Good practice in data protection is vital to ensure public trust in, engagement with and support for innovative uses of data in both the public and private sectors.
The UK data protection regime is set out in the DPA 2018 and the UK GDPR
What is the Data Protection Act 2018?
The DPA 2018 sets out the framework for data protection law in the UK. It updates and replaces the Data Protection Act 1998, and came into effect on 25 May 2018. It was amended on 01 January 2021 by regulations under the European Union (Withdrawal) Act 2018, to reflect the UK’s status outside the EU.
What are the lawful bases for processing?
The lawful bases for processing are set out in Article 6 of the UK GDPR. At least one of these must apply whenever you process personal data:
(a) Consent:
(b) Contract:
(c) Legal obligation:
(d) Vital interests:
(e) Public task:
(f) Legitimate interests:
This page will be updated with the latest information you will need.
Our Data Protection officer is: Nicki Legh-Smith
If you have any queries please contact her at dpo@avocetacademy.org