As a result of the Trust’s statutory responsibility, the Trust will receive personal data, some of which will be sensitive personal data. The Trust processes personal data in accordance with the data protection principles embodied in the General Data Protection Regulations (GDPR) and the Data Protection Act 2018 (DPA). The Trust complies with the requirements of the data protection legislation as detailed in the Trust data protection Policy.
All staff are aware of the principles of data protection and will not processes personal data unless necessary. The Trust safeguards the personal data it collects through the operation of the Trust’s data protection policy and processes and the IT policy. In addition, the Trust and the relevant academy has taken steps to ensure that all its contracts that process data have the GDPR compliant provisions.