Privacy notice: Learning Services
In accordance with data protection legislation, this notice gives you information about the data we hold about you, how we use it, your rights in relation to it and the safeguards that are in place to protect it.
In accordance with data protection legislation, this notice gives you information about the data we hold about you, how we use it, your rights in relation to it and the safeguards that are in place to protect it.
The right to privacy is very important to us and we appreciate that you trust us to act in a responsible manner when you give us personal information. Personal data, or personal information, means any information about an individual from which that person can be identified.
The Council is registered as a data controller with the Information Commissioner’s Office (ICO). Full details of the registration are available via the ICO register of data controllers. The council as the data controller is responsible for the personal data of pupils.
The Learning Service collects information about children, young people, their parents or legal guardians and school staff.
This information is collected when a child or young person attends a new school, when they are transferred from another school and at other times during the school year.
The Learning Service will also receive information on children/young people from the schools.
The personal data collected is essential in order for the Council to consult and meet statutory obligations. The information collected is used to safeguard children and young people and to ensure appropriate contact details are available to contact parents / guardians.
The Learning Service needs to use the information in order to provide services for children and young people, such as:
- the provision of educational services to individuals
- monitoring and reporting on children / young people’s educational progress, standards and achievements
- managing admissions to nursery, reception and year 7 and transfers between schools
- the provision of welfare, pastoral care, and health services; additional educational needs, inclusion and transport requirements; exclusions, attendance and nursery data
- the giving of support and guidance to children, young people, their parents and legal guardians
- recording of pupils eligible for free school meals, monetary payments through school gateway and debt recovery
- planning and management of the school
The information will not be used for purposes that are not compatible with why it is gathered in the first instance.
Please note that we may process personal data without your knowledge or consent, where this is required or permitted by law.
We collect and use personal information because we have one of the following legal bases for processing:
- to comply with a legal obligation under Article 6(1)(c) of the UK GDPR
- to perform a public interest task under Article 6(1)(e) of the UK GDPR
- to process your personal data to meet our contractual obligations to you under Article 6(1)(b) of the UK GDPR
- 9(2)(j)- processing is necessary for archiving purposes in the public interest; or for scientific or historical research purposes; or for statistical purposes
- 9(2)(a)- processing with the specific and explicit consent of the individual- unless reliance on consent is prohibited by EU or Member State law
How we store data
Personal data is stored in line with our Council’s Data Protection Policy.
How long we keep the information before it is securely disposed of varies depending on the type of information, legal requirements and need.
We will process data securely for the above purposes for no longer than necessary and in accordance to the set amount of time contained in our Data Retention Schedule.
This document can be obtained by contacting the Learning Services Office.
Where necessary and lawful, or when required by legal obligation, we may share relevant information with:
Welsh Government on children and young people directly from schools and the Local Authority normally as part of statutory data collection which consists of:
- Post-16 data collection
- Pupil Level Annual School Census (PLASC)
- Educated other than at school (EOTAS) pupil level collection
- National data collection (NDC)
- Attendance collection
- Welsh National Tests (WNT) data collection
- School Workforce Annual Census (SWAC)
Information held by the Local Authority on children and young people and their parents or legal guardians may be shared with other organisations when the law allows, for example:
- bodies doing research for the WG, LA and schools, so long as steps are taken to keep the information secure
- other education and training bodies, including schools, when pupils are applying for courses, training, school transfer or seeking guidance on opportunities
- social services and other health and welfare organisations where there is a need to share information to protect and support individual children and young people
- various regulatory bodies, such as ombudsmen, inspection authorities and Government fraud initiatives, where the law requires that information be passed on so that they can do their work
- We are also required by law to protect the public funds we administer and may share information provided to us with other bodies responsible for auditing or administering public funds in order to prevent and detect fraud and irregularity
Under data protection legislation, we must protect any information that we collect from you. We have put in place appropriate security measures and applied security standards and controls to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
Information which you have provided will be stored securely. In addition, we limit access to personal data to those employees, contractors and other third parties who need to have access to it. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your data protection rights
Under data protection law, you have rights as a data subject. The rights are not absolute and they may only apply under certain circumstances. Your data subject rights include:
Your right to obtain confirmation that information about you is being used.
Your right of access - you have the right to ask us for copies of your personal information (please see ‘requesting access to your personal data’ below for more details).
Your right to rectification - you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to restriction of processing - you have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - you have the the right to object to the processing of your personal data in certain circumstances. You have the right to object to processing of personal data that is likely to cause, or is causing, damage or distress.
In certain circumstances, you also have the following rights to:
- prevent processing for the purpose of direct marketing
- object to decisions being taken by automated means
- seek redress, either through the ICO, or through the
Requesting access to your personal data
Under data protection legislation, individuals have the right to request access to information about them that we hold. This is commonly known as a 'data subject access request'.
This enables you to receive a copy of the personal data we hold about you and to check that we are processing it lawfully.
To make a request for your personal information, contact the council offices directly.
The following are details of the data controller:
Council Data Protection Officer email: dpo@ynysmon.gov.uk
Address: Isle of Anglesey County Council, Council Offices, Llangefni, Anglesey, LL77 7TW
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) who is the independent regulator for data protection. If you have a concern or complaint about the way we are collecting or using your personal data, you should raise your concern with us in the first instance, so that we can try to resolve any issues.
Information Commissioner’s Office (ICO)
Website: https://ico.org.uk/concerns/
Telephone: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Changes to our privacy notice
We keep our privacy notice under regular review and will publish any revisions.