GDPR (General Data Protection Regulations)

With effect from 25 May 2018 organisations, including schools, have to comply with General Data Protection Regulations. 

At Our Lady of Lourdes we take Data Protection very seriously - it is important that we only store personal information in a secure way, in line with GDPR, and in a way that our customers (parents and children and staff) are happy with. There has to be a legal basis for storing this data. 

This section houses all of the GDPR Policies and Documentation we have developed in order to be GDPR compliant. 

These documents show you WHAT data we have, WHY we have it, HOW it is in line with GDPR and is maintained within a Legal Basis, and HOW we make sure that the data is securely stored. 

We also show you HOW LONG we are required to keep information (Retention Policy).

These policies have been approved by the Governing Body (May 2018). 

The Governors have chosen to adopt the Information Management Toolkit for Schools as their retention policy - see below. 

Pease read through our PRIVACY NOTICES, Data Protection Policies and ICO guidance. 

Do not hesitate to contact us should you require any further information. 

You have a right to request to see data/information stored on your child. 

Staff/school workforce have the right to request information stored on them. 


PLEASE call in to see the Headteacher if you have any questions relating to GDPR. 

 Checklist for dealing with a SAR.docxDownload
 CPOMS GDPR Update February 2018.docxDownload
 DPO Job Description Person Spec.docxDownload
 Personal Data Breach Procedure.docxDownload
 Photograph consent form.docxDownload
 Privacy Notice - Children in Need and Looked After.docxDownload
 Privacy Notice for Pupils - OLOL.docxDownload
 Privacy Notice for Workforce - OLOL draft.docxDownload
 Processor Due Diligence Letter - OLOL.docDownload
 Protection Impact Assessment.docxDownload
Showing 1-10 of 13