Data Protection Guidance for Schools, MATs and Colleges

Advice and guidance on the management and security of personal data, and GDPR compliance

Access Resources

Access Resources

  1. Catalogue
  2. Resources
  3. GDPR Guidance for Schools and Colleges

A shield with a tick in it, with 4 lines coming off it going to different coloured dotsInformation security and data protection are important issues for schools, MATs, colleges and other organisations. It is important that policies and practices around managing personal data are clear and well understood.

The EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 set out the data protection rules relating to the processing of personal data.

The GDPR defines how organisations (including schools, MATs and colleges) can store, use and send information relating to data subjects (including children, parents, staff).

Advice and Guidance

Advice and guidance to help schools, MATs and colleges better manage personal data

Understand the GDPR

Simplified summaries to help schools understand their obligations and the rights of data subjects

Support for Governers & Trustees

Advice and guidance specifically for wider stakeholders in schools

Data Protection Guidance

The SWGfL GDPR Guidance provides advice and guidance to help schools, MATs and colleges better manage personal data, and should be used alongside policies and practices already in place.

It is intended to assist schools, MATs and colleges with understanding the GDPR and with identifying steps that can be taken to improve data protection; it is not intended to provide legal advice and schools, MATs and colleges should seek their own legal advice when considering the management of Personal Data in alignment with the GDPR and the Data Protection Act 2018.

Data Protection Resources

Access the SWGfL GDPR Guidance using the links below.

Part 1 - What is GDPR?

Part 1 - What is GDPR?

Part 2 - Background to the GDPR

Part 2 - Background to the GDPR

SWGfL Data Protection Guidance - Part 2 - Background to the GDPR

Part 3 - Key GDPR Principles

Part 3 - Key GDPR Principles

SWGfL Data Protection Guidance - Part 3 - Key GDPR Principles

Part 4 - GDPR Advice for Schools

Part 4 - GDPR Advice for Schools

Part 5 - GDPR Rights and Obligations

Part 5 - GDPR Rights and Obligations

Part 6 - Subject Access Requests

Part 6 - Subject Access Requests

Part 7 - Special Category Personal Data

Part 7 - Special Category Personal Data

SWGfL Data Protection Guidance - Part 7 - Special Category Personal Data

Part 8 - Information Security and Breach Management

Part 8 - Information Security and Breach Management

SWGfL Data Protection Guidance - Part 8 - Information Security and Breach Management

Part 9 - DPIA and DPO

Part 9 - DPIA and DPO

SWGfL Data Protection Guidance - Part 9 - DPIA and DPO

Data Protection Products and Services

360data

360data

An online self review tool, designed to help schools and SMEs review their posture, policies and procedures around data protection and information security.

Data Protection Services

Data Protection Services

SWGfL has partnered with Firebird to provide a range of services for schools. From a fully outsourced service, to a pay-as-you go offering, we’re here to help you.

SSL Certificates

SSL Certificates

TLS/SSL Certificates from Certifcate Authority QuoVadis for Schools

Latest Data Protection & Information Security Articles

More Articles