Protecting Your Online Privacy
1.0 How we use your information
We process personal information relating to our pupils and may receive information about them from their previous school or college, local authority, the Department for Education (DfE) and the Learning Records Service. We hold this personal data to:
- support our pupils’ learning
- monitor and report on their progress
- provide appropriate pastoral care; and
- assess the quality of our services
Information about our pupils that we hold will include their contact details, national curriculum assessment results, attendance information, any exclusion information, where they go after they leave us and personal characteristics such as their ethnic group, any special educational needs they may have as well as relevant medical information. For pupils enrolling for post 14 qualifications, the Learning Records Service will give us the unique learner number (ULN) and may also give us details about your learning or qualifications.
Please see also our Data Protection policy [pdf, 369 KB]
2.0 Pupils from the age of 13
In addition once our pupils reach the age of 13, the law requires us to pass on certain information about them to Sandwell Metropolitan Borough Council who have responsibilities in relation to the education or training of 13-19 year olds. We provide them with these pupils’ names and addresses, dates of birth, name(s)/address(es) of their parent(s)/guardian(s) and any other information relevant to their role. We may also share certain personal data relating to children aged 16 and over with post-16 education and training providers in order to secure appropriate services for them.
A parent/guardian can ask that no information apart from their child’s name, address and date of birth be passed to Sandwell Metropolitan Borough Council by informing Dee Aston, Office Administrator: email@example.com.
This right is transferred to the child once he/she reaches the age 16. For more information about services for young people, please go to our local authority website http://www.sandwell.gov.uk/info/200295/schools_and_learning
We will not give information about you to anyone without your consent unless the law and our policies allow us to.
We are required, by law, to pass some information about you to the Department for Education (DfE). This information will, in turn, then be made available for the use by the LA.
If you need more information about how our local authority and/or DfE collect and use your information, please visit:
- our local authority at http://www.sandwell.gov.uk/ or
- the DfE website at https://www.gov.uk/data-protection-how-we-collect-and-share-research-data
Along with our internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- UK Data Protection Act 1998 (DPA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection lead (details of whom can be found in section 9.0) for clarification.
4.0 Personal information that this website collects and why we collect it
This website collects and uses personal information for the following reasons:
4.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 6.0 below).
4.2 Our social media
The links to our social media accounts are purely static and as such do not record any personal information.
As users need to log in to their personal social media accounts to view/comment on our posts, we consider our social media providers (Facebook, Twitter etc) to be a third party data processor (see section 6.0 below).
By default, all sharing through social media is public. When you post comments on our social media posts you should assume that anything you publish is publicly accessible. Also, please keep in mind that anything you share may be subsequently posted publicly by other users. Content published and shared publicly is accessible to everyone, including search engines, and this may affect the control you have regarding that content. In addition, information shared publicly may be copied and shared throughout the Internet, including through actions or features native to the Services, such as reblogging.
NOTE: You should avoid entering personally identifiable information to the actual comment field of any post that you submit on social media.
4.3 Links to non-hosted software applications (Sleuth, thesharpsystem, cpoms)
We use software for behaviour reporting (Sleuth), for safeguarding monitoring (cpoms) and provide a Student Help Advice Reporting Page (thesharpsystem) which are accessible from the website.
These links are purely static and as such do not record any personal information.
As the software applications are not hosted on our servers, we consider them to be a third party data processor (see section 6.0 below).
The information provided on thesharpsystem is confidential and will be filed for up to 6 months and then destroyed.
If you give your details you are entitled to a copy of your details within the 6 months, please contact our data protection lead (details of whom can be found in section 9.0) if you require a copy.
4.4 Links to hosted software applications (Frog & ePortal)
In addition the the aformentioned software applications Sleuth, thesharpsystem and cpoms, we use educational software that is accessible from the website and which are hosted on our servers: Frog (our Virtual Learning Environment) and ePortal (our student management system).
All these systems process and store personal information relating to our pupils. Information about our pupils that we hold on these systems may include their contact details, national curriculum assessment results, attendance information, any exclusion information, where they go after they leave us and personal characteristics such as their ethnic group, any special educational needs they may have as well as relevant medical information. For pupils enrolling for post 14 qualifications, the Learning Records Service will give us the unique learner number (ULN) and may also give us details about your learning or qualifications.
The collation, retention, storage and security of personal data is governed by the Data Protection Act 1998 (DPA)
For further information, see also
- the Department of Education statutory guidance on keeping and maintaining records for schools
- the Information Commissioner's Office web page for the educational sector
- Please see also our Data Protection policy [pdf, 369 KB]
4.5 Contact and feedback forms
We use third party data processors for our contact form (Wofoo) and feedback forms (Survey Monkey).
Should you choose to contact us using the contact or a feedback forms, your details will be processed on third party data processors and stored on their servers for up to 3 months for quality assurance purposes before they are deleted.
If you do not agree to have your details stored in this way, please do not use the online forms and contact us by email (firstname.lastname@example.org) or telephone +44 (0) 121-553-4665 instead.
4.6 Email links
Should you choose to contact us using an email link, none of the data that you supply will be stored by this website or passed to / be processed by us or any of the third party data processors defined in section 6.0. Instead your own (external) email application will open (if installed on the device) for you to complete the process.
However, not all external email servers are secure. Therefore, we would suggest that you always consider email as an insecure medium and not include personal, confidential or otherwise sensitive information within an email.
Note that we will never email you to ask for your password or other Account Information; if you receive such an email, please forward it to us.
5.0 About this website’s server
This website, our VLE (Frog) and ePortal are hosted on our internal servers.
Some of our security features are as follows:
- Servers are behind a hard- and software firewall (Smoothwall)
- Server cabinets have locked doors (no open racks)
- Perimeter and internal CCTV system 24×7
- Only authorised are allowed into the server rooms
- All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 3.0. The third parties that are based in the USA are EU-U.S Privacy Shield compliant.
7.0 Data Breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
8.0 Data Controller
The data controller of this website is:
George Salter Academy
Whose registered office is:
If you require a copy of the information that we hold about you on our systems, please contact:
Mrs. Avia Howe
Telephone: +44 (0) 121-553-4665