Skip Ribbon Commands
Skip to main content

New GDPR regulations 25th May 2018


Changes to data protection regulations come in to force on 25th May 2018.

The EU’s General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.

Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU. Brexit will have no impact on this, and this regulation will be applied on 25th May 2018.

The changes to the regulations impact on everyone, and CYA is working hard in advance of the deadline to ensure we are ready for implementation.

What this means to students and parents

From the 25th May, the age of consent will change to 13.

Over the coming days and weeks we will be contacting students and parents to inform them of the changes coming in to force and what they mean to you. Consent will need to be obtained for some of the data and information we hold and use, and privacy notices will be written considering the new regulations for information which we use on a regular basis which is in the public interest and necessary for the daily running of the Academy.

CYA is taking the changes to the regulations seriously, and a Data Protection Officer is due to be appointed along with a creation of a working group in the Academy comprising of key personnel.

Letters from Academy re GDPR preparations

Letter to Parents Regarding New Regulations

Letter to Staff Regarding New Regulations

Letter to Students Regarding New Regulations

Letter to Trustee Governor Regarding New Regulations