General Data Protection Regulations

General Data Protection Regulations (GDPR) 

How we use pupil information

Who do we share pupils information with?

We routinely share pupil information with:

  • Schools or colleges that the pupils attend after leaving us
  • Our local authority and their commissioned providers of local authority services
  • The Department of Education (DfE)

Storing pupil Information

At Over Hall we keep information about your child on our computer systems and also sometimes on paper.

We hold your child’s education records securely until your child reaches the age of 25, after which they are safely destroyed. 

There are strict controls on who can see your information.  We will not share data if you have advised us that you do not want it shared, unless it is the only way we can make sure you stay safe and healthy or we are legally required to do so.

The National Pupil Database (NPD)

The NDP is owned and managed by the Department for Education and contains information about pupils in schools in England.  It provides invaluable evidence on educational performance to inform independent research, as well as studies commissioned by the Department.  It is held in electronic format for statistical purposes.  This information is securely collected from a range of sources including schools, local authorities and awarding bodies.

We are required by law, to provide information about our pupils to the DfE as part of statutory data collections such as the School Census and Early Years’ Census.  Some of this information is then stored in the NPD.  The law that allows this is the Education (Information About Individual Pupils) (England) Regulations 2013.

To find out more about the pupil information we share with the Department of Education, for the purpose of data collections, go to www.gov.uk/government/publications/national-pupil-database-user-guide-and-supporting-information

The Department of Education may share information about our pupils from the NPD with third parties who promote the education or well-being of children in England by: 

  • Conducting research or analysis
  • Producing statistics
  • Providing information, advice or guidance

The Department of Education has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data.  Decisions on whether DfE releases data to third parties are subject to a strict approval process and based on a detailed assessment of: 

  • Who is requesting the data
  • The purpose for which it is required
  • The level and sensitivity of data requested and
  • The arrangements in place to store and handle the data

To be granted access to pupil information, organisations must comply with strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data.

For more information about the Department of Education’s data sharing process, please visit: www.gov.uk/data-protection-how-we-collect-and-share-research-data

For information about which organisations the Department of Education has provided pupil information, (and for which project), please visit the following website: www.gov.uk/government/publications/national-pupil-database-requests-received

Requesting access to your personal data

Under data protection legislation, parents have the right to request access to information about themselves or their child that we hold.  To make a request for your personal information, or be given access to your child’s educational record, please request this in writing to the Headetacher via the school office .  The school will, on an annual basis, share individual Data Collection Sheets with you in order to ensure that our records are accurate and up to date.  We request that these are returned promptly and that school is advised of any changes as soon as possible. School will seek your permission to use your child's photo for school purposes - this information will be collated and securely stored for reference. 

You also have the right to:

  • Object to processing of personal data that is likely to cause, or is causing, damage or distress
  • Prevent processing for the purpose of direct marketing 
  • Object to decisions being taken by automated means
  • In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • Claim compensation for damages caused by a breach of the Data Protection regulations

If you should have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at co.org.uk/concerns

Files to Download

Privacy Notice for Pupils, Parents and Guardians for School Lists to be shared with Cheshire and Wirral Partnership 2019 Subject Access Request form Data Protection Breach Reporting Form Data protection GDPR 2021-2022 FOI Policy_App 1 FOI Publication Scheme Data Protection Breach Policy Photo Consent Policy 2022 Taking storing and using images of pupils policy 2022 Privacy Notice for Pupils 2022