GDPR and Privacy

General Data Protection Regulation (GDPR)

On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation (GDPR) took effect in the European Union (EU). The GDPR expands the privacy rights granted to EU individuals, and it places many new obligations on organisations that market to, track or handle EU personal data, no matter where an organisation is located.

All of the documents and information relate to all schools within the Trust, unless stated otherwise.

Children using computers

Trust GDPR Compliance Statement:

Launceston College Multi Academy Trust is compliant with GDPR.

  • We have published a privacy notice for students

  • We have published a privacy notice for staff (including volunteers, governors, etc).

  • We have performed a data audit to confirm all organisations that we share data with.

  • We have contacted these organisations to ensure that they are themselves GDPR compliant. Any who are not compliant will be instructed to delete all personally identifiable data related to schools in the Launceston College MAT

  • We have a notification process in place for any breach

  • We have a subject access request process

  • We have a right to erasure process

  • We have provided training for our staff regarding GDPR

When processing data we undertake the following:

  • The processing is lawful, fair and transparent

  • Transparent about what the data is being used for

  • Data is collected for a specific purpose

  • The data is necessary for the purpose

  • The data must be accurate and kept up to date

  • Data is not kept for longer than necessary

  • The data is kept safe and secure

  • All storage is secure and our suppliers have GDPR procedures in place.

If you have any queries regarding GDPR in the Trust, please email privacy@launcestoncollege.org.uk

Mark Adams is the DPO for the Trust, for enquiries, please email dpo@launcestoncollege.org.uk