New GDPR regulations 25th
Changes to data protection regulations come in to
force on 25th May 2018.
The EU’s General Data Protection Regulation
(GDPR) is the result of four years of work by the EU to
bring data protection legislation into line with new, previously unforeseen
ways that data is now used.
Currently, the UK relies on the Data Protection Act
1998, which was enacted following the 1995 EU Data Protection Directive, but
this will be superseded by the new legislation. It introduces tougher fines for
non-compliance and breaches, and gives people more say over what companies can
do with their data. It also makes data protection rules more or less identical
throughout the EU. Brexit will have no impact on this, and this regulation will
be applied on 25th May 2018.
The changes to the regulations impact on everyone,
and CYA is working hard in advance of the deadline to ensure we are ready for
What this means to students and parents
From the 25th May, the age of consent will change
Over the coming days and weeks we will be
contacting students and parents to inform them of the changes coming in to
force and what they mean to you. Consent will need to be obtained for some of
the data and information we hold and use, and privacy notices will be written
considering the new regulations for information which we use on a regular basis
which is in the public interest and necessary for the daily running of the Academy.
CYA is taking the changes to the regulations
seriously, and a Data Protection Officer is due to be appointed along
with a creation of a working group in the Academy comprising of key
Letters from Academy re GDPR preparations
Letter to Parents Regarding New Regulations
Letter to Staff Regarding New Regulations
Letter to Students Regarding New Regulations
Letter to Trustee Governor Regarding New Regulations