Information security and data protection are important issues for schools, MATs, colleges and other organisations. It is important that policies and practices around managing personal data are clear and well understood.
The EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 set out the data protection rules relating to the processing of personal data.
The GDPR defines how organisations (including schools, MATs and colleges) can store, use and send information relating to data subjects (including children, parents, staff).
Advice and Guidance
Advice and guidance to help schools, MATs and colleges better manage personal data
Understand the GDPR
Simplified summaries to help schools understand their obligations and the rights of data subjects
Data Protection Guidance
The SWGfL GDPR Guidance provides advice and guidance to help schools, MATs and colleges better manage personal data, and should be used alongside policies and practices already in place.
It is intended to assist schools, MATs and colleges with understanding the GDPR and with identifying steps that can be taken to improve data protection; it is not intended to provide legal advice and schools, MATs and colleges should seek their own legal advice when considering the management of Personal Data in alignment with the GDPR and the Data Protection Act 2018.
Data Protection Resources
Access the SWGfL GDPR Guidance using the links below.
Data Protection Products and Services
Latest Data Protection & Information Security Articles
Instagram Announces New Protective Measures for Teen Accounts
14th May 2025
Real-Time Filtering in a World of Generative AI: What Schools and Colleges Need to Understand
12th May 2025
Take Our Survey: Share Your Experience on Your Child's First Smartphone
7th May 2025
New AI Policy Templates for Welsh Schools Available
2nd May 2025