We are The GORSE Academies Trust. When dealing with personal data we are called a Data Controller because we determine how and why personal data is processed.
The Privacy Notice tells you what we use your personal data for and what your rights are in relation to it.
Yes. In most instances we are legally obliged to collect and process personal data. Where this not the case we will obtain your consent before we collect and process the information.
This is our Data Privacy Manager. They are responsible for overseeing all data protection policies and procedures and for ensuring that we are compliant with the GDPR. The Data Privacy Manager’s contact details are at the end of the Privacy Notice
The personal data which we process is obtained from prospective, current and former; pupils and their families, staff, governors, directors, suppliers and other individuals and organisations with whom we have dealings (e.g. local education authorities, schools and the Department for Education).
The personal data which we collect and process includes: names, postal addresses, email addresses, telephone numbers, health and education related records, safeguarding data, attendance data, behaviour data, employment data, references, images, audio and video recordings.
We also process special category personal data which includes; health, ethnicity, religion and biometric data. We do so in accordance with the legislation or by explicit consent
We use the personal data which we collect and process; in the pupil admissions process (including admission appeals), in the provision of education, in providing references, for the safeguarding of pupils, to support pupil learning, to monitor and report on pupil progress, to provide appropriate pastoral care, to assess the quality of our services, and to enable us and our organisations to carry out all of their functions.
We share personal data with, amongst others; local authorities, examination boards, the Department for Education, professional advisers, HMRC and DWP. We will not share any information about you with a third party without lawful basis for doing so.
The Trust has a Retention of Records Procedure which explains how long different types of personal data are kept for. We only process and retain personal data for legitimate and lawful reasons, and we do not retain personal data for longer than is necessary.
Under the GDPR you have the following rights:
- The right to be informed: the right to be informed about how we process your personal data. This is what the Privacy Notice does.
- The right of access: the right to request access to your personal data that we hold and be provided with a copy of it.
- The right to rectification: the right to request that your personal data is amended if inaccurate or incomplete.
- The right to erasure: the right to request that your personal data is erased if there is no compelling reason for its continued processing.
- The right to restrict processing: the right to request that the processing of your personal data is restricted.
- The right to data portability: the right to obtain your own data that you have provided to us and reuse for your own purposes, or the right to request that we transmit this data to another controller.
- The right to object: the right to object to your personal data being processed.
- Rights in relation to automated decision making and profiling: the right to not have decisions made about you as an individual that are solely automated.
If you have any questions or concerns about the way in which your personal data is processed by us please contact our Data Privacy Manager; by post at Bruntcliffe Academy, Bruntcliffe Lane, Morley, Leeds LS27 0LZ or by email at GDPR@tgat.org.uk. If you have concerns which we are unable to resolve you have the right to lodge a complaint with the Information Commissioner’s Office.