Skip to main content

General Data Protection Regulations (GDPR) for Schools 

Schools handle a large amount of personal data. This includes information on pupils, staff, governors, volunteers and job applicants.

Schools also handle what the GDPR refers to as special category data such as race, ethinic origin or trade union membership.

GDPR requires organisations to document how and why they process all personal data and gives rights to the individual.

GDPR has six main principles which states that personal data should be:

  • Processed fairly, lawfully and in a transparent manner
  • Used for  specified, explicit and legitimate purposes
  • Used in a way that is  adequate, relevant and limited
  • Accurate and up to date
  • Kept no longer than necessary
  • Processed in a manner that ensures appropriate security of the data


File icon: pdf Integra Data Protection Policy [pdf 453KB] Click to download
File icon: pdf Integra Subject Access Request Policy and Procedure [pdf 374KB] Click to download
File icon: pdf Integra Records Retention Policy [pdf 465KB] Click to download
File icon: pdf Integra Privacy Notice - Pupils [pdf 181KB] Click to download