Data Protection Policy
Date / Review Date / BoM / Co-Author
March 2017 / March 2019 / Peter Mepsted / Ian Martin

Quest Data Protection Policy

There are 8 Data Protection principles specified in the Data Protection Act. The principles require personal data to be:

  1. Fairly and lawfully processed
  2. Processed for limited purposes
  3. Adequate, relevant and not excessive
  4. Accurate
  5. Not kept longer than necessary
  6. Processed in accordance with people’s rights
  7. Kept secure
  8. Not transferred abroad without adequate protection

The Quest School holds personal data in relation to:

  • Staff – historic, present, potential new recruits
  • Pupils & their families – historic, present and potential
  • Donors – historic, present
  • Consultants
  • Board of Trustees

This data must be held secure, kept up to date,with access only available to those who require it for legitimate purposes in connection with their role at Quest School.It must be destroyed when no longer required.

Security of personal data is maintained by:

  • Paper records being kept under lock and key
  • Computer access being only available via password protected log on and Ids. Access Passwords are never to be shared. If they do become known then they are changed. Hard drives (and SSD’s)are removed and destroyed by a registered Waste DisposalContractor before a computer is disposed of.
  • Personal data being securely disposed of (confidential waste, shred, files deleted) when it is no longer required by the school for legitimate purposes in connection with the services provided by Quest School.
  • Prospective pupils and staff – 12 months after end of enquiry
  • Pupils & Staff who leave – 6 years after they leave the school
  • Personal Donors – 12 months after they cease to be an active donor
  • Board of Trustees – 12 months after they cease to serve on the Board
  • ‘Clear desk policy’ at the end of each working day
  • Permissions being sought for use of personal photographs etc in promotional materials

Detail of Data Held and How Kept Secure

Donors

  • Name
  • Address
  • Email address
  • Telephone number
  • Relationship to a member of staff
  • Potential range of support
  • What they have supported in the past
  • If they are a regular giver
  • If gift aid supporter.

This information is kept on the network storage, which is password protected and has security. Only the Development Manager, Headteacher and one admin staff can gain access.

Additionally,information is retained on a MIS provided by ‘SchoolPod’. This information is retained on a ‘cloud’ based platform and security maintained by password protection and self-administered access rights. ‘SchoolPod’ have provided full information regarding their Data Protection and Network Security.

Gift aid claim forms have attached name, address and amounts donated.

These are kept in the locked confidential cupboard in the office which 3 staff have keys for. (Head teacher and 2 admin staff).These are kept in the locked confidential cupboard in the office which all office staff and senior ABA staff have access to.

Staff incl BoM

  • Name
  • Address
  • DoB
  • National Insurance number
  • Address for the last 5 years
  • Medical background
  • Education history
  • Previous work history
  • Emergency contact details
  • Relevant certificates (degree, qualifications)
  • Bank details
  • GP details
  • Driving Licence and car insurance information (if applicable)
  • References.
  • Information relevant to staff development & performance eg StrengthsFinder
  • Payroll information
  • Performance ratings

Pupils

  • Name
  • Address
  • DoB
  • Emergency contact details
  • Statement of Special Education Needs
  • Birth Certificate
  • Family details (siblings etc)
  • Individual Education Plans
  • Achievement and progress data
  • Photographs that have been approved for use by the School

Information on staff and pupils is kept on the network storage which is password protected and has security protection. Only Head teacher and one admin staff can gain access.

Paper documents are kept in the locked confidential cupboard in the office for which 3 staff have keys. (Head teacher and 2 admin staff).Staff paper documents are kept in locked filing cabinet which Head teacher and office manager have key for. Pupil’s paper documents are kept in locked confidential cupboard in the office for which all office staff and senior ABA staff have access to.

Prospective Pupils

Statement of Special Education Needs plus other supporting reports and documents, address, parents details, DoB.

These are kept in the locked confidential cupboard in the office for which 3 staff have keys. (Head teacher and 2 admin staff). These are kept in the locked confidential cupboard in the office for which all office staff and senior ABA staff have access to.

Document classification [For discussion]

Any document that contains personal and confidential data relating to any individual that is identifiable to an individual, shall be classified as “Strictly Confidential – Personal Data” and identified as such at the front of the document. Such documents will either be securely stored in accordance with this policy or destroyed via confidential shredding.

Data Removal

The following role holders are responsible for the safe removal of data held by the school:

Staff data: Ellie Drake

Pupil data: Carly Templeman

Donor data: Leanne Duvall

Trustee data: Leanne Duvall

Quest School Policy for Data Protection

Previous review date: March 2017

Next review date: March 2019

Version 3

Page | 1