Terms and Privacy

www.townleygrammar.org.uk
Last Updated: Monday 6th December 2024

Townley Grammar School maintains this website www.townleygrammar.org.uk ("the Site") and the information and materials on the Site ("Content").

Disclaimer. Whilst Townley Grammar School takes care to ensure the accuracy of the Content, to the extent permitted by law, Townley Grammar School assumes no legal liability for and does not warrant that the information contained on this website is accurate or complete, or that these web pages will be free from errors or that its availability will be uninterrupted and Townley Grammar Schoolhereby expressly disclaims and excludes all express and implied warranties terms or conditions not stated herein, so far as such exclusion or disclaimer is permitted under the applicable law. Townley Grammar School excludes all liability to any person for any loss or damage caused by any errors or omissions, whether such errors or omissions result from negligence, accident or any other cause but this disclaimer is without prejudice to any claims for fraudulent misrepresentation, personal injuries or death.

Restrictions on Use of Content. The Content of this website and all copyright and other intellectual property rights therein belong to Townley Grammar School or its Content providers. You are hereby granted permission to access the Site and print a copy of the Content as a record of your visit. All other use of the Site and its Content, including modification, publication, transmission, creation of derivative works, incorporation into another web site or reproducing the Site or the Content (whether by linking, framing or any other method) is not permitted without Townley Grammar Schools prior express written consent.

This privacy notice describes how we collect and use personal information about pupils, in accordance with the UK General Data Protection Regulation (UK GDPR), section 537A of the Education Act 1996 and section 83 of the Children Act 1989.

Following Brexit, Regulation (EU) 2016/679, General Data Protection Regulation (GDPR) is retained EU law and known as UK GDPR. The UK GDPR sits alongside an amended version of the Data Protection Act 2018 that relate to general personal data processing, powers of the Information Commissioner and sanctions and enforcement. The GDPR as it continues to apply in the EU is known as EU GDPR.

PRIVACY NOTICE FOR PUPILS AND PARENTS

This notice applies to all pupils and parents.

1. Who Collects This Information?

Townley Grammar School is a “data controller.” This means that we are responsible for deciding how we hold and use personal information about pupils and parents. Under data protection legislation, we are required to notify you of the information contained in this privacy notice.

This notice does not form part of any contract to provide services and we may update this notice at any time.

It is important that you read this notice with any other policies mentioned within this privacy notice, so that you are aware of how and why we are processing your information, what your rights are under data protection legislation and the procedures we take to protect your personal data.

2. Data Protection Principles

We will comply with the data protection principles when gathering and using personal information, as set out in our data protection policy.

3. Categories of Pupil Information We Collect, Process, Hold and Share

We may collect, store and use the following categories of personal information about you:

Personal information such as name, pupil number, date of birth, gender and contact information;
Emergency contact and family lifestyle information such as names, relationship, phone numbers and email addresses;
Characteristics (such as language, and free school meal eligibility);
Financial Details as provided;
Attendance details (such as sessions attended, number of absences and reasons for absence);
Performance and assessment information;
Behavioural information (including exclusions);
Images of pupils engaging in school activities, and images captured by Townley Grammar School’s CCTV system;
Information about the use of our IT, communications and other systems, and other monitoring information;
Post 16 learning information;
Recordings of pupils and/or parents from Townley Grammar School’s video conferencing platform.

We may also collect, store and use the following more sensitive types of personal information:

Information about your race or ethnicity, religious or philosophical beliefs
Information about your health, including any medical conditions and sickness records;
Special educational needs information.

4. Collecting this Information

Whilst the majority of information you provide to us is mandatory, some of it is provided to us on a voluntary basis. To comply with the UK General Data Protection Regulation, we will inform you whether you are required to provide certain pupil information to us or if you have a choice in this.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

5. How We Use Your Personal Information

We hold pupil data and use it for:

Pupil selection (and to confirm the identity of prospective pupils and their parents);
Providing education services and extra-curricular activities to pupils, and monitoring pupils' progress and educational needs;
Informing decisions such as the funding of schools;
Assessing performance and to set targets for schools;
Safeguarding pupils' welfare and providing appropriate pastoral (and where necessary medical) care;
Support teaching and learning;
Giving and receiving information and references about past, current and prospective pupils, and to provide references to potential employers of past pupils;
Managing internal policy and procedure;
Enabling pupils to take part in assessments, to publish the results of examinations and to record pupil achievements;
To carry out statistical analysis for diversity purposes;
Legal and regulatory purposes (for example child protection, diversity monitoring and health and safety) and to comply with legal obligations and duties of care;
Enabling relevant authorities to monitor Townley Grammar School's performance and to intervene or assist with incidents as appropriate;
Monitoring use of Townley Grammar School's IT and communications systems in accordance with Townley Grammar School's IT security policy;
Making use of photographic images of pupils in school publications, on Townley Grammar School website and on social media channels;
Security purposes, including CCTV;
Where otherwise reasonably necessary for Townley Grammar School's purposes, including to obtain appropriate professional advice and insurance for Townley Grammar School and;
To provide the support to pupils after they leave Townley Grammar School.

6. The Lawful Bases on which we use this Information

We will only use your information when the law allows us to. Most commonly, we will use your information in the following circumstances:

Consent: the individual has given clear consent to process their personal data for a specific purpose;
Contract: the processing is necessary for a contract with the individual;
Legal obligation: the processing is necessary to comply with the law (not including contractual obligations);
Vital interests: the processing is necessary to protect someone’s life.
Public task: the processing is necessary to perform a task in the public interest or for official functions, and the task or function has a clear basis in law; and
The Education Act 1996: for Departmental Censuses 3 times a year. More information can be found at: https://www.gov.uk/education/data-collection-and-censuses-for-schools.

We need all the categories of information in the list above primarily to allow us to comply with legal obligations. Please note that we may process information without knowledge or consent, where this is required or permitted by law.

7. How we use particularly sensitive personal information

Special categories of particularly sensitive personal information, such as information about your health, racial or ethnic origin, sexual orientation, or biometrics require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data. We may process special categories of personal information in the following circumstances:

In limited circumstances, with your explicit written consent.
Where we need to carry out our legal obligations in line with our data protection policy.
Where it is needed in the public interest, such as for equal opportunities monitoring.
Where it is necessary to protect you or another person from harm.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public.

8. Sharing Data

We may need to share your data with third parties where it is necessary. There are strict controls on who can see your information. We will not share your data if you have advised us that you do not want it shared unless it’s the only way we can make sure you stay safe and healthy, or we are legally required to do so.

We share pupil information with:

the Department for Education (DfE) - on a statutory basis under section 3 of The Education (Information About Individual Pupils) (England) Regulations 2013;
Ofsted;
Other Schools that pupils have attended/will attend;
NHS;
Welfare services (such as social services);
Law enforcement officials such as police, HMRC;
Local Authority Designated Officer;
Professional advisors such as lawyers and consultants;
Support services (including insurance, IT support, information security);
Financial and Management Services; Arbor Education, sQuid, Cummings, Pebble, Wisepay;
Providers of learning and development software; Microsoft 365, Google Classroom, FFT, ALPS, 4Matrix, School Vue, Timetabler, Compass+, ToucanTech, SchoolCloud, Edmodo, MyMaths, MyScience, GCSEPod, Eclipse, Excelerated Reader, Diverse Leadership Network, Hegarty Maths, Educake Science, Kerboodle, Trotman – Indigo, Carrot Award, MathsWatch, PiXL, Uplearn, Applicaa and Duke of Edinburgh Award Scheme;
The Local Authority;
Youth support services – under section 507B of the Education Act 1996, to enable them to provide information regarding training and careers as part of the education or training of 13–19-year-olds.

The Department for Education request regular data sharing on pupil attendance to help support those vulnerable students and to assist with intervention strategies.

Information will be provided to those agencies securely or anonymised where possible.

The recipient of the information will be bound by confidentiality obligations, we require them to respect the security of your data and to treat it in accordance with the law.

We may transfer your personal information outside the UK and the EU. If we do, you can expect a similar degree of protection in respect of your personal information.

9. Retention Periods

Except as otherwise permitted or required by applicable law or regulation, the school only retains personal data for as long as necessary to fulfil the purposes they collected it for, as required to satisfy any legal, accounting or reporting obligations, or as necessary to resolve disputes.

Information about how we retain information can be found in our Data Retention policy. This document can be found on our website.

10. Security

The school keep information about pupils on computer systems and sometimes on paper.

We have put in place measures to protect the security of your information (i.e., against it being accidentally lost, used, or accessed in an unauthorised way).

11. Youth Support Services

Pupils aged 13+

Once our pupils reach the age of 13, we also pass pupil information to our local authority and / or provider of youth support services as they have responsibilities in relation to the education or training of 13–19-year-olds under section 507B of the Education Act 1996.

We must provide the pupils name, the parents name(s) and any further information relevant to the support services role.

This enables them to provide services as follows:

youth support services
careers advisers

A parent or guardian can request that only their child’s name, address and date of birth is passed to their local authority or provider of youth support services by informing us. This right is transferred to the child / pupil once he/she reaches the age 16.

Pupils aged 16+

We will also share certain information about pupils aged 16+ with our local authority and / or provider of youth support services as they have responsibilities in relation to the education or training of 13–19-year-olds under section 507B of the Education Act 1996.

This enables them to provide services as follows:

post-16 education and training providers
youth support services
careers advisers

For more information about services for young people, please visit our local authority website.

12. The National Pupil Database

The NPD is owned and managed by the Department for Education and contains information about pupils in schools in England. It provides invaluable evidence on educational performance to inform independent research, as well as studies commissioned by the Department. It is held in electronic format for statistical purposes. This information is securely collected from a range of sources including schools, local authorities and awarding bodies.

We are required by law, to provide information about our pupils to the DfE as part of statutory data collections such as the school census and early years’ census. Some of this information is then stored in the NPD. The law that allows this is the Education (Information About Individual Pupils) (England) Regulations 2013.

To find out more about the NPD, go to https://www.gov.uk/government/publications/national-pupil-database-user-guide-and-supporting-information.

The department may share information about our pupils from the NPD with third parties who promote the education or well-being of children in England by:

conducting research or analysis
producing statistics
providing information, advice or guidance

The Department has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether DfE releases data to third parties are subject to a strict approval process and based on a detailed assessment of:

who is requesting the data?
the purpose for which it is required
the level and sensitivity of data requested;
the arrangements in place to store and handle the data

To be granted access to pupil information, organisations must comply with strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data.

For more information about the department’s data sharing process, please visit: https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

For information about which organisations the department has provided pupil information, (and for which project), please visit the following website: https://www.gov.uk/government/publications/national-pupil-database-requests-received

To contact DfE: https://www.gov.uk/contact-dfe

Under data protection legislation, parents and pupils have the right to request access to information about them that we hold. To make a request for your personal information, contact data@townleygrammar.org.uk.

13. Requesting Access to your Personal Data

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

If you want to request information, please see our Data Protection Policy and Subject Access Request Form for the procedures we take.

14. Contact

If you would like to discuss anything within this privacy notice or have a concern about the way we are collecting or using your personal data, we request that you raise your concern with our Data Analyst Fern Aldridge in the first instance. They can be contacted at data@townleygrammar.org.uk.

We have appointed a data protection officer (DPO) to oversee compliance with data protection and this privacy notice. If you have any questions about how we handle your personal information which cannot be resolved by Fern Aldridge, then you can contact the DPO on the details below:

Data Protection Officer: Fusion Education People Solutions

Email: enquiries@feps.co.uk

Web: www.feps.co.uk

Lead Contact: Ben Cain

You have the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues at https://ico.org.uk/concerns.

15. Changes to this Privacy Notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.