Home Page

Privacy Notice

This Privacy Notice explains how and why we store personal information about pupils and parents/carers. It provides a guide to parents/carers about our legal obligations and their own rights. Like any organisation which handles personal data, our school is defined as a ‘Data Controller’ and, as such, we are registered with the ICO (Information Commissioner’s Office) and we comply with the Data Protection Act. and General Data Protection Regulation.


This Privacy Notice is subject to change, please see our website


How we use pupil information

The categories of pupil information that we collect, hold and share include:

(also see attached appendix A)

For all pupils

Personal Information

Name, Date of Birth, Gender, Year Group, Class, Address, Contacts

Dietary needs, dietary preferences

Medical practice address and telephone number

Medical conditions


Ethnicity, language, nationality, country of birth

Attendance Information

Sessions attended, number of absences, reasons for absence

Academic attainment and progress records

Teacher Assessment grades

Statutory assessment results

Standardised score results

Learning journey evidence (photographs and annotations) in Reception and Pre-School

Other photographic evidence of learning (e.g. Earwig)

Reports to parents (mid-year and end of year)



Pupil Surveys

Incidental evidence of pupils’ successes (certificates, photographs, named trophies, celebration events)

For some pupils

(only if applicable)


Free School Meals eligibility

Court Orders

Other pupil premium eligibility (such as if the child is looked after)

Safeguarding records (incidents, external agency reports

Special Educational needs records (professional assessments, external professionals’ reports, referrals for external support)

Pastoral records (referrals for support both internal and external, notes of discussions with pupils, pupils’ jottings of thoughts and feelings)

Exclusion information

Behaviour incident records

All Parents/Carers*

Personal Information

Names, addresses, telephone numbers, email addresses, relationship to the child (of parents/carers and other given contacts)

Free school meals eligibility evidence


Parents’ surveys

Letters sent to school

Emails sent to school

Financial payments, including debt (both manual and electronic)

*this refers to those with legal responsibility for the child


Why we collect and use information:

We use the pupil data:

  • To support pupil learning
  • To keep informed to keep children safe
  • To monitor and report on pupil progress
  • To provide appropriate pastoral care
  • To comply with the law regarding data sharing

We use the parents’ data:

  • To assess the quality of our services
  • To comply with the law regarding data sharing
  • To ensure financial stability


The lawful basis on which we use this information:

The lawful bases for processing personal data are set out in Article 6 of the General Data Protection Regulation. The school processed such data because we have:

(6a) Consent: parents have given clear consent for us to process their (and their child’s) personal data for the purposes indicated above.

(6c) A Legal obligation: the processing is necessary for us to comply with the law (e.g. we are required by law to submit certain teacher assessment information and to safeguard pupils’ welfare by sharing information with other agencies).

(6d) A duty to safeguard pupils: the processing is necessary in order to protect the vital interests of the data subject (children); (e.g. if we are required to share medical history information with emergency services in the event of an accident or to other agencies when a child may be in danger).


Collecting Pupil Information:

Whilst the majority of information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain pupil information to us or if you have a choice in this.


Storing pupil data:

We will hold pupil data in line with the Trust Retention Policy after your child leaves our school. All confidential information is kept secure either on encrypted, password protected devices or paper copies kept on the school site. Once the deadline for retaining information has passed, data kept electronically is deleted and paper copies are destroyed.


Who we share pupil information with:

We routinely share aspects of pupil information with:

  • Schools that the pupil attends after leaving us
  • Our local authority
  • Our Multi-Academy Trust
  • The Department for Education (DfE)
  • Children’s Social Care (when safeguarding pupils’ welfare)
  • External professionals who visit school (such as Educational Psychologists)
  • Our appointed school photographer
  • Suppliers and service providers with whom we have a contract e.g. O’track, Weduc, Dojo
  • Voluntary organisations linked to the school e.g. Friends of Newcroft


We do not share information about our pupils with anyone without consent unless the law and our policies allow us to do so.


Data collection requirements

To find out more about the data collection requirements placed upon us by the DfE (for example; via the school ‘census’) go to


The National Pupil Database (NPD)

The NPD is owned and managed by the DfE and contains information about pupils in England. It provides invaluable evidence on educational performance to inform independent research, as well as studies commissioned by the Department. It is held in electronic format for statistical purposes. This information is securely collected from a range of sources including schools, local authorities and awarding bodies.

We share pupils’ data with the Local Authority and the Department for Education (DfE) on a statutory basis. This data sharing underpins school funding and educational attainment policy and monitoring. We are required to share information about pupils with the DfE under regulation 5 of the Education (Information About Individual Pupils) (England) Regulations 2013.

To find out more about the NPD, go to

The Department may share information about our pupils from the NPD with third parties who promote the education or well-being of children in England by:

  • Conducting research or analysis
  • Providing statistics
  • Providing information, advice or guidance

The Department has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and the use of data. Decisions on whether the DfE releases data to third parties are subject to a strict approval process and based upon a detailed assessment of:

  • Who is requesting the data
  • The purpose for which it is required
  • The level and sensitivity of data requested: and
  • The arrangements in place to store and handle the data

To be granted access to pupil information, organisations must comply with strict terms and conditions covering confidentiality and handling of data, security arrangements and the retention and use of the data.

For more information about the Department’s data sharing process, please visit: we-collect-and-share-research-data

For more information about which organisations to whom the department had provided pupil information (and for which project), please visit the following website:

To contact the DfE:


Requesting access to your personal data – Subject Access Request

Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact Mrs Diane Lane on 01509 503214, at or visit the school office.


You also have the right to:

  • Object to processing of personal data that is likely to cause, or is causing, damage or distress
  • Prevent processing for the purpose of direct marketing
  • Object to decisions being made by automated means
  • In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • Claim compensation for damages caused by a breach of the Data Protection Regulations.


If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at



If you would like to discuss anything in this Privacy Notice, please contact


Please read this form in conjunction with the school’s Privacy Notice for Parents


This document explains how and why we store and share personal information about pupils and parents/carers.


  1. provides a guide to parents/carers about our legal obligations and the reasons for sharing data. We do not require your consent to share this information. Like any organisation which handles personal data, our Multi-Academy Trust is the ‘Data Controller’ and our school is defined as a ‘Data Processor’ and, as such, we are registered with the ICO (Information Commissioner’s Office) and we comply with the General Data Protection Regulations (GDPR).


Organisation with whom we share data

How we share the data

What data might we share?

Does the organisation share the data beyond its own establishments?

Is the organisation GDPR complaint

Why do we share the data?

Do you give your consent (Yes or No)



· We upload pupil admissions forms details

· Pupil details

· Parent details

· Attendance information

Yes (with the DfE)


· To enable the running of the school

Statutory requirement

Consent not required

The Local Authority

· Secure Transfer (SIMS*)

· Telephone Calls

· Email

· Letters

· Meetings

· Pupil Details

· Parent Details

· Pupil Assessment Information

· Pupil well-being information

Yes (with the DfE)


· To safeguard pupils

· To meet our statutory assessment responsibilities

· Because the DfE requests this

Statutory requirement

Consent not required

The Department for Education (DfE)

· Email

· Letters

· Meetings

· Secure Access (DfE online area)

· Pupil Details

· Parent Details

· Pupil Assessment Information

Yes (other Government departments)


· To meet our statutory assessment responsibilities

· To enable the running of the school

· Because the government demands this

· To ensure that the school receives funding

Statutory requirement

Consent not required


· Letters

· Email

· Meetings

· Telephone calls

· Pupil Details (personal and medical)

· Parent Details

Yes – medical services


· To ensure pupils’ health and well-being

Statutory requirement

Consent not required

Schools (transfer of pupils)

· Securely through SIMS*

· Hand delivered sensitive information

· Pupil Details

· Parent Details

· Pupil Assessment Information

· Safeguarding records

· Pupils’ School Record


· if the child transfers again

· See the other school’s privacy policy

They should be

· Statutory responsibilities

Statutory requirement Consent not required


*SIMS is the database on which all pupil personal data (other than teacher assessment information) is stored by our school. By completing the school admissions forms, all parents consent to us storing the data securely.