General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation which, from the 25th May 2018 will determine how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.


The Main Principles 

GDPR sets out the key principles that all personal data must be processed in line with.

  • Data must be: processed lawfully, fairly and transparently; collected for specific, explicit and legitimate purposes; limited to what is necessary for the purposes for which it is processed; accurate and kept up to date; held securely; only retained for as long as is necessary for the reasons it was collected
  • The individual’s rights include: to be informed about how their data is used, to have access to their data, to rectify incorrect information, to have their data erased, to restrict how their data is used, to move their data from one organisation to another, and to object to their data being used at all


At St Helen’s Catholic Primary School we are working towards compliance of the new wider requirements. This said the school already aims to ensure robust and secure systems are in place to protect personal data both in electronic and paper form.

In the next few months we will be seeking to improve our systems further to ensure we are fully compliant and all stakeholders will be kept up to date with developments. In the meantime, we appreciate your support in this period of change.

Contact us

If you have any questions, concerns or would like more information about GDPR or discuss anything mentioned in the privacy notices, please contact the school's office or the data protection officer:

Matthew Ginn

Telephone: 0207 926 7711