Across the Trust we handle a large amount of personal and sensitive data on a daily basis. We take our duties to ensure the security of this data seriously and pledge to do our upmost to protect and respect your rights at all times.
To help ensure we act compliantly with data protection legislation, we implement a comprehensive Data Protection Policy and Data Security Policy. The Trust is the ‘data controller’ and all data protection measures are overseen by our Data Protection Officer (DPO) who acts as DPO for all schools within our Trust.
The Trust’s DPO is Chris Spender. If you have any questions about data protection within the Trust, contact our Data Protection Officer by clicking here.
You have a legal right to be informed about how our schools use any personal information that we hold about you or your child. The documents at the bottom of this page, outline how personal data is collected, stored and used by the Trust.
The Data Protection Act 1998 requires every organisation that processes personal information to register with the Information Commissioner's Office (ICO), unless they are exempt. Failure to do so is a criminal offence. The Shaw Education Trust is one of more than 400,000 registered data controllers.
Please click here to view our registration entry details.
The Freedom of Information Act 2000 gives the public right of access to information produced in the course of Shaw Education Trust's work.
There are exemptions to this right. In particular, data about living, identifiable people ('personal data') continues to be covered by the Data Protection Act and is not generally publicly available except to the subject of the data - that is, the person whom the data is about.
Under the Freedom of Information Act, Shaw Education Trust has developed a Publication Scheme which lists all the documents which the Trust will make public as a matter of routine.
If the information you are looking for is not available on our Publication Scheme, you can make a request for the information you require in writing, by email or by using our contact form available here.
A Subject Access Request (SAR) is a formal request made by an individual for information held about themselves.
In line with data regulations and legislation, the information requested should be provided within 30 days from the date in which the request was received.
SAR's in relation to a student or parent should be made in writing and sent directly to the school it pertains to. Parents can request their child's data; however, if a request relates to a pupil over the age of 13, the pupil's consent should be gained first.
Please note, all requests should include:
- Requester's full name and address
- Requester's contact information
- The data subject involved
- Whether the request relates to a specific information