A+ A A-

Privacy Notice

Burnage Academy for Boys collects and uses personal information about students under Article 6 (public task) and Article 9 (public interests) of the General Data Protection Regulation (GDPR).

 

The categories of pupil information that we collect, hold and share include:

  • Personal information (such as name, unique pupil number and address)
  • Characteristics (such as ethnicity, religion, language, nationality, country of birth and free school meal eligibility)
  • Attendance information (such as sessions attended, number of absences and absence reasons)
  • Assessment information
  • Medical information
  • Special Educational Needs information
  • Exclusions and behavioural information
  • Safeguarding information
  • Court related information
  • Post 16 pathways information
  • Linked agencies

 

Why we collect and use this information

We use the pupil data:

  • to support pupil learning
  • to monitor and report on pupil progress
  • to provide appropriate pastoral care
  • to assess the quality of our services
  • to comply with the law regarding data sharing

 

The lawful basis on which we use this information

We collect and use pupil information under

(1) For the purposes of the GDPR, we are ‘a public authority as defined by the Freedom of Information Act 2000, subject to subsection (2),’

Special categories of personal data and criminal convictions etc data

(2) The processing meets the requirement in point (b), (h), (i) or (j) of Article 9(2) of the GDPR for authorisation by, or a basis in, the law of the United Kingdom or a part of the United Kingdom only if it meets a condition in Part 1 of Schedule 1.

 

Collecting pupil information

Whilst the majority of pupil information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain pupil information to us or if you have a choice in this.

 

Storing pupil data

We are required by law to store all files containing information on students until the date of the student’s 25th birthday. After that we shred the file.

 

Who we share pupil information with

We routinely share pupil information with:

  • schools and local authorities that the pupil’s attend after leaving us
  • our local authority
  • the Department for Education (DfE)
  • the Education and Skills Funding Agency
  • the NHS
  • the school nurse
  • linked agencies

 

Why we share pupil information

The Academy is a ‘data controller’ for the purposes of the Data Protection Act 1998 and the General Data Protection Regulation (GDPR), which comes into force on May 25, 2018. A data controller is an organisation that is responsible for the use made of someone's personal information

We do not share information about our pupils with anyone without consent unless the law and our policies allow us to do so.

We share pupils’ data with the Department for Education (DfE) on a statutory basis. This data sharing underpins school funding and educational attainment policy and monitoring.

We are required to share information about our pupils with the (DfE) under regulation 5 of The Education (Information About Individual Pupils) (England) Regulations 2013. We also share information with other agencies prescribed by law, such as the Qualifications and Curriculum Authority (QCA), Ofsted, the Education and Skills Funding Agency (ESFA), the Department of Health (DH), Primary Care Trusts (PCT), and valid organisations that require access to data in the Learner Registration System. All these are data controllers in respect of the data they receive, and are subject to the same legal constraints in how they deal with the data.

 

Data collection requirements:

To find out more about the data collection requirements placed on us by the Department for Education (for example; via the school census) go to https://www.gov.uk/education/data-collection-and-censuses-for-schools.

 

Youth support services

Pupils aged 13+

Once our pupils reach the age of 13, we also pass pupil information to our local authority and / or provider of youth support services as they have responsibilities in relation to the education or training of 13-19 year olds under section 507B of the Education Act 1996.

This enables them to provide services as follows:

  • youth support services
  • careers advisers

A parent or guardian can request that only their child’s name, address and date of birth is passed to their local authority or provider of youth support services by informing us. This right is transferred to the child / pupil once he/she reaches the age 16.

 

The National Pupil Database (NPD)

The NPD is owned and managed by the Department for Education and contains information about pupils in schools in England. It provides invaluable evidence on educational performance to inform independent research, as well as studies commissioned by the Department. It is held in electronic format for statistical purposes. This information is securely collected from a range of sources including schools, local authorities and awarding bodies.

We are required by law, to provide information about our pupils to the DfE as part of statutory data collections such as the school census and early years’ census. Some of this information is then stored in the NPD. The law that allows this is the Education (Information About Individual Pupils) (England) Regulations 2013.

To find out more about the NPD, go to

https://www.gov.uk/government/publications/national-pupil-database-user-guide-and-supporting-information.

The department may share information about our pupils from the NPD with third parties who promote the education or well-being of children in England by:

  • conducting research or analysis
  • producing statistics
  • providing information, advice or guidance

The Department has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether DfE releases data to third parties are subject to a strict approval process and based on a detailed assessment of:

  • who is requesting the data
  • the purpose for which it is required
  • the level and sensitivity of data requested: and
  • the arrangements in place to store and handle the data

 

To be granted access to pupil information, organisations must comply with strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data.

For more information about the department’s data sharing process, please visit: https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

For information about which organisations the department has provided pupil information, (and for which project), please visit the following website:

https://www.gov.uk/government/publications/national-pupil-database-requests-received

To contact DfE: https://www.gov.uk/contact-dfe

Requesting access to your personal data Students have certain rights under the Data Protection Act and the GDPR, including a right to be given access to personal data held about them by any data controller. It is presumed that, by the age of 13, children have sufficient maturity to understand their rights and to make an access request themselves if they wish. A parent would normally be expected to make a request on a child’s behalf if the child is younger. A parent may make a request for a child aged 13 and over with the express, written permission of the child.

Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact the school’s data protection officer at the school’s address.

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/

Contact

If you would like to discuss anything in this privacy notice, please contact:

Mr Iain Ross, School’s data protection officer, Burnage Academy for Boys, Burnage Lane, Burnage, M19 1ER

Translate BAfB Website

News & Events

Free School Meals - IMPORTANT pls read!!

Free School Meals - IMPORTANT pls read!!

We encourage all parents/carers to check if their child is entitled to free school meals. Being registered for free... Read more

SSAT Member

SSAT Member

Looking Beyond Day-To-Day Pressures and Keeping Ambition Alive.   BAfB is a proud member of SSAT - a network connected... Read more

Read Our Newsletter

 

© Copyright Burnage Academy For Boys 2018 |  Privacy Notice  |  Cookie Policy