Main Menu

Privacy Notices

Information

PRIVACY NOTICE

For parents/carers
Parent / Carer Privacy notice
Data Protection Policy

Introduction

Under data protection law, individuals have a right to be informed about how the school uses any personal data that we hold about them. We comply with this right by providing ‘privacy notices’ (sometimes called ‘fair processing notices’) to individuals where we are processing their personal data.

The school now adheres to principles set out in UK-GDPR (General Data Protection

Regulation) and the Data Protection Act (2018).

This privacy notice explains how we collect, store and use personal data about pupils. We, The Python Hill Academy, are the ‘data controller’ for the purposes of data protection law.

Our Data Protection Officer (DPO) is Tim Pinto (see ‘Contact us’ below).

The personal data we hold

Personal data that we may collect, use, store and share (when appropriate) about pupils includes, but is not restricted to:

  • Contact details, contact preferences, date of birth, identification documents
  • Results of internal assessments and externally set tests
  • Pupil and curricular records
  • Characteristics, such as ethnic background, eligibility for free school meals, or special educational needs (SEND)
  • Exclusion information
  • Details of any relevant medical conditions
  • Attendance information
  • Safeguarding information
  • Details of any support received, including care packages, plans and support providers
  • Photographs

We may also hold data about pupils that we have received from other organisations,

including other schools, local authorities and the Department for Education.

Why we use this data

We use this data to:

  • Support pupil learning
  • Monitor and report on pupil progress
  • Provide appropriate pastoral care
  • Protect pupil welfare
  • Assess the quality of our services
  • Administer admissions waiting lists
  • Carry out research
  • Support families and their wellbeing
  • Comply with the law regarding data sharing

Our legal basis for using this data

We only collect and use pupils’ personal data when the law allows us to. Most commonly, we process it where:

  • We need to comply with a legal obligation
  • We need it to perform an official task in the public interest

Less commonly, we may also process pupils’ personal data in situations where:

  • We have obtained consent to use it in a certain way
  • We need to protect the individual’s vital interests (or someone else’s interests)

Where we have obtained consent to use pupils’ personal data, this consent can be withdrawn at any time. We will make this clear when we ask for consent, and explain how consent can be withdrawn.

Some of the reasons listed above for collecting and using pupils’ personal data overlap, and there may be several grounds which justify our use of this data.

Collecting this information

While the majority of information we collect about pupils is mandatory, there is some information that can be provided voluntarily.

Whenever we seek to collect information from you or your child, we make it clear whether providing it is mandatory or optional. If it is mandatory, we will explain the possible consequences of not complying.

How we store this data

We keep personal information about pupils while they are attending our school. We may also keep it beyond their attendance at our school if this is necessary in order to comply with our legal obligations. Our retention schedule/records management policy states how long we should keep specific data.

Data sharing

We do not share information about pupils with any third party without consent unless the law and our policies allow us to do so.

Where it is legally required, or necessary (and it complies with data protection law) we may share personal information about pupils with:

  • Our Local Authority (LA) – to meet our legal obligations to share certain information with it, such as safeguarding concerns and exclusions
  • The Department for Education (DFE) – to meet our legal obligations and as it is necessary for the performance of a task carried out in the public interest and in the exercise of authority
  • The pupil’s family and representatives – to meet our legal obligations to share certain information with them, such as safeguarding concerns and exclusions
  • Educators and examining bodies – to meet our legal obligations and as it is necessary for the performance of a task carried out in the public interest and in the exercise of authority
  • Our regulator e.g. Ofsted – to meet our legal obligations and as it is necessary for the performance of a task carried out in the public interest and in the exercise of authority
  • Suppliers and service providers – to enable them to provide the service we have contracted them for
  • Our auditors – necessary for compliance with a legal obligation
  • External survey and research organisations – with parents/carers consent
  • Health authorities – necessary for compliance with a legal obligation, such as safeguarding.                      In other cases the health professional seeks consent through the school. In addition, we may have to share data specifically related to NHS partners in line with the Coronavirus Act 2020
  • Professional advisers and consultants – necessary for the performance of a contract
  • Charities and voluntary organisations – necessary for the performance of a task carried out in the public interest and in the exercise of authority
  • Police forces, courts, tribunals – necessary for compliance with a legal obligation
  • Professional bodies – necessary for the performance of a contract

There may be times when we ask parents/cares to register for services where the school is not the data controller. Examples of this include ParentPay systems in order to pay electronically for trips and other occasions where we ask you to purchase items online. Whenever we do this, the school will ensure that we use a reputable company and that parents/carers are given the privacy notice for the firm on how their data is used.

National Pupil Database

We are required to provide information about pupils to the Department for Education (DFE) as part of statutory data collections such as the school census and Early Years census. Some of this information is then stored in the National Pupil Database (NPD), which is owned and managed by the Department and provides evidence on school performance to inform research.

The database is held electronically so it can easily be turned into statistics. The information is securely collected from a range of sources including schools, local authorities and exam boards.

The DFE may share information from the NPD with other organisations which promote

children’s education or wellbeing in England. Such organisations must agree to strict terms and conditions about how they will use the data.

For more information, see the Department’s webpage on how it collects and shares research data.

You can also contact the Department for Education with any further questions about the NPD.

Transferring data internationally

The school now follows the procedures in relation to UK-GDPR. If we transfer any data to countries outside the EU (third countries), we ensure that a Standard Contractual Clause (SCC) is set up directly between the school and the company.

Parents and pupils’ rights regarding personal data

Individuals have a right to make a ‘subject access request’ to gain access to personal information that the school holds about them.

Parents/carers can make a request with respect to their child’s data where the child is not considered mature enough to understand their rights over their own data (usually under the age of 13), or where the child has provided consent.

Parents also have the right to make a subject access request with respect to any personal data the school holds about them.

If you make a subject access request, and if we do hold information about you or your child,

we will:

  • Give you a description of it
  • Tell you why we are holding and processing it, and how long we will keep it for
  • Explain where we got it from, if not from you or your child
  • Tell you who it has been, or will be, shared with
  • Let you know whether any automated decision-making is being applied to the data, and any consequences of this
  • Give you a copy of the information in an intelligible form

Individuals also have the right for their personal information to be transmitted electronically to another organisation in certain circumstances.

If you would like to make a request please contact our data protection officer.

Parents/carers also have a legal right to access to their child’s educational record. To request access, please contact office@pythonhill.notts.sch.uk

Other rights

Under data protection law, individuals have certain rights regarding how their personal data is used and kept safe, including the right to:

  • Object to the use of personal data if it would cause, or is causing, damage or distress
  • Prevent it being used to send direct marketing
  • Object to decisions being taken by automated means (by a computer or machine, rather than by a person)
  • In certain circumstances, have inaccurate personal data corrected, deleted or

destroyed, or restrict processing

  • Claim compensation for damages caused by a breach of the data protection

Regulations

To exercise any of these rights, please contact our data protection officer.

Complaints

We take any complaints about our collection and use of personal information very seriously. If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.

To make a complaint, please contact our data protection officer.

Alternatively, you can make a complaint to the Information Commissioner’s Office:

  • Report a concern online at https://ico.org.uk/concerns/
  • Call 0303 123 1113
  • Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane,

Wilmslow, Cheshire, SK9 5AF

Contact us

If you have any questions, concerns or would like more information about anything

mentioned in this privacy notice, please contact our Data Protection Officer:

  • Tim Pinto (tpinto@esafetyoffice.co.uk) or 01977 232167
  • Alternatively, you can contact the school office on 01632 464164 or email office@pythonhill.notts.sch.uk

The Python Hill Academy

Kirklington Road

Rainworth

Nottinghamshire

NG21 0JZ

This notice is based on the Department for Education’s model privacy notice for pupils, amended for parents and to reflect the way we use data in this school.

PRIVACY NOTICE

For staff
Workforce Privacy Notice

School Workforce Privacy Notice

The school now adheres to principles set out in UK-GDPR (General Data Protection Regulation) and the Data Protection Act (2018).

This privacy notice explains how we collect, store and use personal data about the school workforce.

We, The Python Hill Academy, are the ‘data controller’ for the purposes of data protection law.

Our Data Protection Officer (DPO) is Tim Pinto (see ‘Contact us’ below).

Privacy Notice (How we use school workforce information)

The categories of school workforce information that we collect, process, hold and share include (when appropriate) about you includes, but is not restricted to:

  • personal information (such as name, employee or teacher number, national insurance number)
  • special categories of data including characteristics information such as gender, age, ethnic group
  • contract information (such as start dates, hours worked, post, roles and salary information)
  • work absence information (such as number of absences and reasons)
  • Date of birth, marital status and gender
  • Next of kin and emergency contact numbers
  • Salary, annual leave, pension and benefits information
  • Bank account details, payroll records, National Insurance number and tax status information
  • Recruitment information, including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process
  • Qualifications and employment records, including work history, job titles, working hours, training records and professional memberships
  • Performance information
  • Outcomes of any disciplinary and/or grievance procedures
  • Copy of driving licence
  • Photographs
  • Data about your use of the school’s information and communications system

We may also collect, store and use information about you that falls into “special categories” of more sensitive personal data. This includes information about (where applicable):

  • Race, ethnicity, religious beliefs, sexual orientation and political opinions
  • Trade union membership
  • Health, including any medical conditions, and sickness records

Why we collect and use this information

We use school workforce data to:

  • enable the development of a comprehensive picture of the workforce and how it is deployed
  • inform the development of recruitment and retention policies
  • enable individuals to be paid
  • Facilitate safe recruitment, as part of our safeguarding obligations towards pupils
  • Support effective performance management
  • Allow better financial modelling and planning
  • Enable ethnicity and disability monitoring
  • Improve the management of workforce data across the sector
  • Support the work of the School Teachers’ Review Body

The lawful basis on which we process this information 

We only collect and use personal information about you when the law allows us to. Most commonly, we use it where we need to:

  • Fulfil a contract we have entered into with you
  • Comply with a legal obligation
  • Carry out a task in the public interest

Less commonly, we may also use personal information about you where:

  • You have given us consent to use it in a certain way

We need to protect your vital interests (or someone else’s interests)

Where you have provided us with consent to use your data, you may withdraw this consent at anytime. We will make this clear when requesting your consent, and explain how you go about withdrawing consent if you wish to do so.

Some of the reasons listed above for collecting and using personal information about you overlap, and there may be several grounds which justify the school’s use of your data.

Collecting this information

Whilst the majority of information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with data protection legislation, we will inform you whether you are required to provide certain school workforce information to us or if you have a choice in this.

Storing this information

We create and maintain an employment file for each staff member. The information contained in this file is kept secure and is only used for purposes directly relevant to your employment.

Once your employment with us has ended, we will retain this file and delete the information in it in accordance with our record retention schedule.

Who we share this information with

We do not share information about you with any third party without your consent unless the law and our policies allow us to do so.

Where it is legally required, or necessary (and it complies with data protection law) we may share personal information about you with:

  • Our Local Authority
  • The Department for Education (DfE)
  • Educators and examining bodies
  • Our regulator- Ofsted
  • Suppliers and service providers – to enable them to provide the service we have contracted them for, such as payroll
  • Central and local government
  • Our auditors
  • Trade unions and associations
  • Security organisations
  • Police forces, courts, tribunals
  • Absence insurance companies – to obtain quotes and cover for sickness

Why we share school workforce information

We do not share information about workforce members with anyone without consent unless the law and our policies allow us to do so.

Local Authority

We are required to share information about our workforce members with our local authority (LA) under section 5 of the Education (Supply of Information about the School Workforce) (England) Regulations 2007 and amendments.

Department for Education (DfE)

We share personal data with the Department for Education (DfE) on a statutory basis. This data sharing underpins workforce policy monitoring, evaluation, and links to school funding /expenditure and the assessment educational attainment.

We are required to share information about our school employees with our local authority (LA) and the Department for Education (DfE) under section 5 of the Education (Supply of Information about the School Workforce) (England) Regulations 2007 and amendments.

Data collection requirements

The DfE collects and processes personal data relating to those employed by schools (including Multi Academy Trusts) and local authorities that work in state funded schools (including all maintained schools, all academies and free schools and all special schools including Pupil Referral Units and Alternative Provision). All state funded schools are required to make a census submission because it is a statutory return under sections 113 and 114 of the Education Act 2005.

To find out more about the data collection requirements placed on us by the Department for Education including the data that we share with them, go to https://www.gov.uk/education/datacollection-and-censuses-for-schools.

The department may share information about school employees with third parties who promote the education or well-being of children or the effective deployment of school staff in England by:

  • Conducting research or analysis
  • Producing statistics
  • Providing information, advice or guidance

The department has robust processes in place to ensure that the confidentiality of personal data is maintained and there are stringent controls in place regarding access to it and its use. Decisions on whether DfE releases personal data to third parties are subject to a strict approval process and based on a detailed assessment of:

  • Who is requesting the data
  • The purpose for which it is required
  • The level and sensitivity of data requested; and
  • The arrangements in place to securely store and handle the data

To be granted access to school workforce information, organisations must comply with its strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data.

For more information about the department’s data sharing process, please visit:

https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

To contact the department: https://www.gov.uk/contact-dfe

Requesting access to your personal data

Under data protection legislation, you have the right to request access to information about you that we hold. To make a request for your personal information, contact:

Mrs Joe Hessey

Admin Assistant

jhessey@pythonhill.notts.sch.uk

Tel: 01623 464164

or the Data Protection Officer, Tim Pinto

You also have the right to:

  • Object to processing of personal data that is likely to cause, or is causing, damage or distress
  • Prevent processing for the purpose of direct marketing
  • Object to decisions being taken by automated means
  • In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • Claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, we ask that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/

Further information

If you would like to discuss anything in this privacy notice, please contact:

Mrs Joe Hessey

jhessey@pythonhill.notts.sch.uk

Tel: 01623 464164

or the Data Protection Officer, Tim Pinto (tpinto@esafetyoffice.co.uk) or 01977 232167

Schools of The Forge Trust
Contact Us

For general enquiries please contact Mrs A Taylor or Miss R Dawes

  • 01623 464164
  • office@pythonhill.co.uk
  • The Python Hill Academy, Kirklington Road, Rainworth, Mansfield, Nottinghamshire, NG21 0JZ
COPYRIGHT 2022 The Python Hill Academy Academy, COMPANY NUMBER: 09443602, ALL RIGHTS RESERVED
Main Menu