top of page

Personal Information

What is Personal Information?  

Personal information is often records that can identify and relate to a living person. This can also include information that when put together with other information can then identify a person.

What are Special Categories of Information?

This is personal information that needs more protection due to its sensitivity.  This information is likely to include:

  • sexuality and sexual health

  • religious or philosophical beliefs

  • ethnicity

  • physical or mental health

  • trade union membership

  • political opinion

  • genetic/biometric data

What are our legal reasons for processing personal information?

There are a number of legal reasons why we need to collect and use personal data.  Each privacy notice, at the foot of the page, explains for each service which legal reason is being used.  Generally we collect and use personal information in the following circumstances:

  • Where you, or your legal representative, have given consent;

  • Where you have entered into a contract with us;

  • Where it is necessary to perform our statutory duties;

  • Where it is necessary to protect someone in an emergency;

  • Where it is required by law;

  • Where it is necessary for employment purposes;

  • Where you have made your data publicly available;

  • Where it is necessary to establish, exercise or defend a legal claim;

  • Where it is in the substantial public interest;

  • Where it is necessary to protect public health;

  • Where it is necessary for archiving public interest material, research, or statistical purposes.

 

How do we limit the use of personal information?

Where necessary North Clifton Primary School processes personal data to deliver our services effectively; but wherever possible, the data that we process will be anonymised, pseudonymised or de-personalised.  This means the information can no longer identify a person. 


When using personal data for research purposes, the data will be anonymised/pseudonymised to avoid the identification of a person, unless you have agreed that your personal information can be used for the research project.

 

We do not sell personal data to any other organisation for the purposes of selling products.

SHARING YOUR PERSONAL INFORMATION

Who will we share your personal information with?    

We use a range of companies and partners to either store personal information or to manage it for us. Where we have these arrangements there is always a contract, memorandum of understanding or information sharing protocol in place to ensure that the organisation complies with data protection law. We complete privacy impact assessments before we share personal information to ensure their compliance with the law.

Sometimes we have a legal duty to provide information about people to other organisations, e.g. Child Protection concerns or Court Orders.

 

We may also share your personal information when we feel there is a good reason that is more important than protecting your confidentiality. This does not happen often, but we may share your information:

  • For the purposed of finding and stopping a crime or fraud; or 

  • if there are serious risks to the public, our staff or to other professionals; or

  • to protect a child.

 

The law does not allow us to share your information without your permission, unless there is proof that someone is at risk or it is required by law. 

 

This risk must be serious before we can go against your right to confidentiality. When we are worried about physical safety or we feel that we need to take action to protect someone from being harmed in other ways, we will discuss this with you and, if possible, get your permission to tell others about your situation. 

 

We may still share your information if we believe the risk to others is serious enough to do so. 

 

There may also be rare occasions when the risk to others is so great that we need to share information straight away. If this is the case, we will make sure that we record what information we share and our reasons for doing so. We will let you know what we have done and why as soon as or if we think it is safe to do so.

PROTECTING YOUR INFORMATION

How do we protect your information?  

We will do what we can to make sure we hold personal records (on paper and electronically) in a secure way, and we will only make them available to those who have a right to see them. Our security includes:

  • Encryption allows information to be hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or cypher. The hidden information is said to be encrypted.

  • Pseudonymisation allows us to hide parts of your personal information from view so only we can see it. 

  • Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it. 

  • Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.

  • Ways for us to access your information should something go wrong and our systems not work, including how we manage your information in event of an emergency or disaster.

  • Regular testing of our technology and processes including keeping up to date on the latest security updates (commonly called patches). 

 

View our policy on information security at the foot of the main GDPR page.

If your information leaves the country? 

 

Sometimes, for example, if we received a request to transfer records because you were moving abroad, it would be necessary to send that information outside of the UK.  In such circumstances, additional protection will be applied to that data during its transfer, and where the receiving country does not have an adequacy decision from the European Commission, advice will be sought from the Information Commissioners Office prior to the data being sent.

Where can I get Data Protection advice?

You can contact our Data Protection Officer at DPO@northclifton.notts.sch.uk or by calling 01522 778609.

 

For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner’s Office (ICO) at:

 

Information Commissioner's Office

Wycliffe House 

Water Lane 

Wilmslow

Cheshire SK9 5AF

 

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

 

Alternatively, visit ico.org.uk or email casework@ico.org.uk.

bottom of page