Privacy Policy

St Charles Catholic Sixth Form College considers the privacy of its users to be a serious issue. Please read the following to learn more about our privacy policy. St Charles Catholic Sixth Form College is a school based in the United Kingdom

Privacy Notice – (How we use student information) 

St Charles Catholic Sixth Form College (the College) is the data controller for the personal data it uses. 

To support learning and achievement, the College collects and uses information about students. In this document the College is referred to as ‘We’ or ‘Ours’. Students are referred to as ‘You’ or ‘Your’ 

Much of the information we collect is classed as ‘personal data’ and our use of it is covered by a set of rules called the General Data Protection Regulation (GDPR)1 and the Data Protection Act 2018. 

This document tells you more about: 

  • The information we collect 

  • What we use the information for 

  • How your information is stored and how long we keep it 

  • What rights you have to the information 

What Information do we collect and use about students? 

We collect many different categories of information, for example: 

  • Personal details 

  • Contact details 

  • Family details 

  • Admission records 

  • Attendance records 

  • Absence details 

  • Behaviour records 

  • Behaviour management records 

  • Academic progress 

  • Examinations details 

  • Trips and visits 

  • Extra-curricular activities 

  • Photographs of you 

  • Images from CCTV 

  • Files, messages, documents and artwork you have produced 

  • Records of discussions with members of staff 

  • Records of your use of College IT systems 

In some cases, we will also have: 

  • Information about consultation with other professionals 

  • Information about supporting for your learning 

  • Records of any College equipment loaned to you 

  • Information about plans for career 

Some of the personal data we keep is given greater protection and is known as special category personal data. 

 

Special category data that we collect and use about you includes 

  • Information about health conditions 

  • Information about sickness related absences 

  • Information about your ethnic origin 

Why we collect and use this information 

We use the information  

  • To support the admissions process 

  • To support your learning 

  • To monitor and report on your academic progress 

  • To enable you to take part in exams 

  • To provide appropriate pastoral care 

  • To help us manage any health conditions that may affect your learning 

  • To comply with our legal obligations to share information 

  • To check the quality of our services 

The legal basis for using this information 

Depending on the purpose, our use of your information will be legal due to one of the following: 

  • Informed consent given by you or your parent or legal guardian [GDPR Article 6(1)(a)] 
    For example: The use of your photographs on our website 

  • To meet a legal requirement [GDPR Article 6(1)(c)] 

For example: Providing information for the Education Department Census 

  • To protect the vital interests of you or someone else [GDPR Article 6(1)(d) 

For example: Giving your family details to emergency services 

  • Delivering a public task [GDPR Article 6(1)(e)] 

For example: Recording your attendance at College each day 

Where we use special category data, our use is legal due to one of the following reasons: 

  • Explicit informed consent given by you or your parent or legal guardian [GDPR Article 9(2)(a)} 
    For example: Using your fingerprints to identify you to our IT systems 

  • We are legally obliged to collect and use it [GDPR Article 9(2)(b)] 
    For example: Information about your ethnic origin or any disability 

  • To protect the vital interest of you or someone else [GDPR Article 9(2)(c)] 
    For example: Giving detail of health conditions to the emergency services 

  • Because it is part of delivering a public service [GDPR Article 9(2)(g)] 
    For example: Holding data on any medical condition so that we can help you manage it 

Storing your personal data 

We hold student data securely on our Student MIS system for the set amount of time shown in our data retention schedule. Paper records are stored in a secure Student Records filing room. 

Sharing your personal data 

At times we will share your personal data with other organisations and people. We will only do this when we are legally required to do so, when our policies allow us to do so or when you have given your consent. 

Examples of people we share personal data with are: 

  • Family, associates and representatives of the person whose personal data we are processing who are authorised to receive the data 

  • UCAS - university application service 

  • our local authorities who have a statutory obligation to manage the education and training for young people 

  • the Department for Education (DfE) 

  • Learner Record Service, a government agency which maintains a Personal Learner Record - see https://www.gov.uk/government/publications/lrs-privacy-notices 

  • ALPS and other College achievement/attainment analysis services 

  • prospective employers when they request employment references 

  • Examining bodies  

  • Healthcare, social and welfare organisations  

  • Police forces and Courts  

  • Voluntary and charitable organisations  

Where we share your personal data with someone who is a supplier or service provider we have taken steps to ensure that they treat your personal data in a way that meets the requirements of the GDPR. 

Your rights to your personal data 

You have rights relating to the personal data that we collect and use. The rights you have depend on the legal basis of us using the information. If we are using your personal data based on your consent, you can withdraw that consent and we will stop using that personal data. Withdrawing your consent will need to be recorded in writing, please contact the Robert Barr (see below for contact details). 

The right to be informed:  

If you ask us, we must tell you if we are collecting or using your personal data. 

If we are collecting or using your personal data, you have: 

The right of access to your personal data 

You have the right to view the personal data that we hold about you, to receive a copy of the data and to be given more information about the data including any transfer to countries who do not fall under the requirements of the GDPR. 

Some information we hold cannot be accessed in this way. If you ask for information that is not available, there may be other ways of accessing it and we can help you. 

To have access to your personal data we will need to collect details of what you want and in the first instance you can contact the Data Protection Officer whose details can be found at the end of this Privacy Notice. 

Other rights 

You also have rights to ask us to correct inaccurate personal data, to ask us to stop using it or to object to us using it. For some data you may have to right to ask us to erase it, to provide it in an electronic format that you can give to someone else. For some personal data if we are subjecting it to automated decision making then you have the right to object to this and request that a person is involved. 

You will be given full details of these rights if you request access to your personal data or you can ask the Data Protection Officer. 

Who to contact: 

The College has the responsibility to ensure that your personal data is protected. It is called the data controller. All members of staff work for the data controller. 

We recommend that you contact the data protection administrator: 

Name of Person: Robert Barr 
email address: rba@stcharles.ac.uk 
Contact number: +442089687755 
Contact address: 74 St Charles Square, North Kensington, London, W10 6EY 

Trusts are also required to have someone called a Data Protection Officer or DPO. The DPO advises the Trust about issues to do with data protection, but can also help you, if you have a problem. 

Our Data Protection Officer is: 

Name of DPO: GDPR Sentry Limited 
email address: support@gdprsentry.com 
Contact number: 0113 804 2035 
Contact address: Unit 434 Birch Park, Thorp Arch Estate, Wetherby, West Yorkshire, LS23 7FG 

If you have any questions about this privacy notice please contact the data protection administrator or the Data Protection Officer. 

If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/ or call 0303 123 1113. 

 

Reviewed March 2022