GDPR
Who are we?
Christ Church C of E Primary School is a ‘Data Controller’ as defined by Article 4 (7) of GDPR. This means that we determine the purposes for which, and the manner in which, your personal data is processed. We have a responsibility to you and your personal data and will only collect and use this in ways which are compliant with data protection legislation.
The school has appointed Veritau Ltd to be its Data Protection Officer (DPO). The role of the DPO is to ensure that the school is compliant with GDPR and to oversee data protection procedures. Veritau’s contact details are:
Schools Data Protection Officer
Veritau Ltd
County Hall
Racecourse Lane
Northallerton
DL7 8AL
01609 53 2526
*Please ensure you include the name of the School in all correspondence with the DPO
Click on the link to view our CCTV Privacy Notice
This privacy notice has been written to inform members of the public, parents, pupils and staff of Christ Church C of E Primary School about how and why we process their personal data in relation to CCTV.
Click on the link to view our Complaints Privacy Notice
This Privacy Notice has been written to inform individuals who are contemplating making a complaint, are in the progress of making a complaint, or have previously made a complaint about what Christ Church C of E Primary School does with your personal data as part of the school’s complaints process.
Click on the link to view our Employment Privacy Notice
This privacy notice has been written to inform prospective, current, and former employees of Christ Church C of E Primary School about how and why we process their personal data.
Click on the link to view Virgin Care's Privacy Notice
Click on the link to view our Parents and Pupils Privacy Notice
This Privacy Notice has been written to inform parents and pupils of Christ Church C of E Primary School about what we do with your personal information. This Notice may be subject to change.
Click on the link to view our Recruitment Privacy Notice
This Privacy Notice has been written to inform prospective employees of Christ Church C of E Primary School about what we do with your personal information.
Click on the link to view our Supply / Agency Staff Privacy Notice
This privacy notice has been written to inform prospective, current, and former supply/agency staff employed by Lancaster Christ Church C of E Primary School about how and why we process their personal data.
Click on the link to view our Visitors Privacy Notice
This Privacy Notice has been written to inform visitors what we do with the personal information that we record each time you visit the site. This privacy notice is aimed at occasional and professional visitors to the school, who are required to sign in using the schools visitors system.
Click on the link to view our Volunteers Privacy Notice
This Privacy Notice has been written to inform volunteers (including governors) of Christ Church C of E Primary School about what we do with your personal information.
Click on the link above to view our Information Policy
This policy is to ensure that Christ Church C of E Primary School complies with the requirements of the General Data Protection Regulation, Environmental Information Regulations 2004 (EIR) and Freedom of Information Act 2000 (FOIA), associated guidance and Codes of Practice issued under the legislation.
Click on the link above to view our Information Security Incident Reporting Policy
This policy has been written to govern the School’s management of information security incidents and data breaches.
Click on the link above to view our Records Management Policy
This policy recognises that an effective records management programme is key to facilitating Lancaster Christ Church C of E Primary School’s compliance with the legal and regulatory obligations as defined in the school’s Information Policy. This policy should be read in conjunction with the School’s Information Governance Policy Framework.
Click on the link above to view our Surveillance Policy
This policy is concerned with the use and governance of surveillance technology, and the processing of Personal Data which has been collected by using surveillance technology. The policy is written in accordance with various Data Protection legislation, which includes but is not limited to the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA), and the Information Commissioner’s Office’s (ICO) surveillance code of practice.