Information security and data protection are important issues for schools, MATs, colleges and other organisations. It is important that policies and practices around managing personal data are clear and well understood.
The EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 set out the data protection rules relating to the processing of personal data.
The GDPR defines how organisations (including schools, MATs and colleges) can store, use and send information relating to data subjects (including children, parents, staff).
Advice and Guidance
Advice and guidance to help schools, MATs and colleges better manage personal data
Understand the GDPR
Simplified summaries to help schools understand their obligations and the rights of data subjects
Data Protection Guidance
The SWGfL GDPR Guidance provides advice and guidance to help schools, MATs and colleges better manage personal data, and should be used alongside policies and practices already in place.
It is intended to assist schools, MATs and colleges with understanding the GDPR and with identifying steps that can be taken to improve data protection; it is not intended to provide legal advice and schools, MATs and colleges should seek their own legal advice when considering the management of Personal Data in alignment with the GDPR and the Data Protection Act 2018.
Data Protection Resources
Access the SWGfL GDPR Guidance using the links below.