Here at Worth, we have been very active in our GDPR readiness preparations and will continue to build upon these solid foundations to ensure we are fully GDPR compliant. We are committed to ensuring we do the right thing for our students, our families, our staff, our Governors and the third parties we work with.

In the summer 2018, we rolled out our GDPR privacy notices and a new GDPR/Data Protection Policy.

We have been working on the following;

• Data mapping and Data Asset Register

• Embedding data privacy into all our processes

• Information security risk

• Third party risk and our partners

• Procedures to follow if we receive data subject access requests

• Data Privacy Breach procedures

• Ongoing monitoring

• Sourcing a Data Protection Officer

• Internal staff training

We've completed our data mapping exercise. We know what data we have, where it’s held and how we access it. We have robust systems in place to manage our data, this includes technical security measures (e.g. intrusion, detection, firewalls, monitoring), encryption of personal data, restricted access to personal data and protection of our physical premises and hard assets maintaining high security measures. Our Data Protection Officer (DPO) visits our school on a regular basis to conduct audits and to help us make sure we’re doing the right thing.

Cheshire West and Chester is the DPO for our school. Their role is to oversee and monitor the school’s data processing practices. They can be contacted at:

Email: SchoolDPO@cheshirewestandchester.gov.uk
Postal Address: The Portal, Wellington Road, Ellesmere Port, CH65 0BA.