Privacy Notice for Parents and Carers - Smoothwall specific
(Use of your child’s personal data )
Under the General Data Protection Regulation (GDPR) individuals have a right to be informed about how we use any personal data that we hold about them. As an academy within The Elliot Foundation Academy Trust we comply with this right by providing a Privacy Notice to individuals where we are processing their personal data.
For the purposes of data protection law The Elliot Foundation Academy Trust is the ‘data controller’. The Data Protection Officer for the trust, who oversees how we collect, use, share and protect your information, is Jem Shuttleworth (jem.shuttleworth@elliotfoundation.co.uk).
For the purposes of data protection law we, Billesley Primary School, are the ‘data processor’.
Our Local Compliance Officer, who works with staff in the school to process and protect your data, is Kevin Smyth.
This Privacy Notice explains how we collect, store and use personal data about pupils and is specific to the use by pupils of their school provided email address and resulting online activity.
The purpose for processing:
To monitor user’s activity in the digital environment, through the email provided by their school, in order to detect and alert markers of risk to safety, welfare and well being.
The lawful basis for processing:
Schools are legally required to comply with statutory obligations regarding safeguarding and child protection. As such, schools and The Elliot Foundation Academies Trust is able to rely on -
Personal data is only processed when necessary to provide the agreed service as laid out in the formal Monitoring Services Agreement between Smoothwall and The Elliot Foundation Academies Trust. The agreed service is designed to detect the early warning signs of safeguarding risk as defined by the Department for Education through Keeping Children Safe in Education.
The categories of personal data obtained:
Smoothwall will only capture user activity where a marker of suspected inappropriate activity or behaviour, which may impact the welfare and wellbeing of an individual or is illegal, is detected. Smoothwall does not record all user activity nor capture details of apparently benign activity.
Smoothwall does not record the name of the user. User login IDs are assigned by the school and it is the responsibility of the school to ensure that all documentation that links user login IDs to individuals is held securely and treated confidentially.
Smoothwall monitoring of user activity is mandatory for all those with a school provided email address.
How Smoothwall store this personal data:
The retention periods for this personal data:
Who we share this data with:
We do not share information about your child with any third party unless the law and our policies allow us to do so.
Where it is legally required or necessary in response to a cause for concern (and it complies with data protection law) we may share this personal information about your child with:
Requesting access to your child’s personal information:
Individuals have a right to make a ‘subject access request’ (SAR) to gain access to personal information that the school holds about them.
Parents/carers can make a request with respect to your child’s data where the child is not considered mature enough to understand their rights over their own data (usually under the age of 12).
If you make a SAR, and if we do hold information about your child, we will:
To make a request for this personal information please contact the Data Protection Officer for the Trust, Jem Shuttleworth. SARs for this data must be made in writing. If you cannot make a request in writing, please contact Jem for support with making a request.
We will not charge for carrying out a SAR unless the request is ‘excessive’ or a copy of information that has already been given. SARs may take up to one month to action.
Other rights:
Under GDPR individuals have certain rights regarding how their personal data is used and kept safe, including the right to:
To exercise any of these rights please contact the Data Protection Officer for the trust -
jem.shuttleworth@elliotfoundation.co.uk
Complaints:
As a school, and as part of The Elliot Foundation Academies Trust, we take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with the Local Compliance Officer in the first instance.
To make a formal complaint please contact the Data Protection Officer for the trust.
Contact us:
If you have any questions, concerns or would like more information about anything mentioned in this Privacy Notice, please Kevin Smyth the Local Compliance Officer on k.smyth@billelseyschool.co.uk or 0121 6752800