Welcome to our website. If you continue to browse and use this website [our ‘Site’] you are agreeing to comply with and be bound by the following terms and conditions of use.
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
- Unauthorised use of this website may give rise to a claim for damages and be a criminal offence.
- From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website. We have no responsibility for the content of the linked website(s).
- Your use of this website and any dispute arising out of such use of the website is subject to the laws of England and Wales.
This Policy sets out the basis on which any personal data provided to us by you, or received from third parties, through the website will be used by us.
Please read this Policy carefully and ensure that you understand the rights and responsibilities under it. We are Rochford Primary School, part of the South East Essex Academy Trust(SEEAT) in the United Kingdom, whose offices are at Rochford Primary School, 6 Ashingdon Road, Rochford, Essex, SS4 1NJ and SEEAT’s registered office Westcliff High School for Girls, Kenilworth Gardens, Westcliff-On-Sea, Essex, SS0 0BS.
We are the data controller of personal data provided to us and are registered as a data controller with the ICO under registration number ZA355220[We have appointed a Data Protection Officer who is responsible for addressing data protection matters, including any questions you may have in relation to this Policy. You can contact our Data Protection Officer at firstname.lastname@example.org
Full details are set out in the relevant sections of this Policy below, but in summary:
- we generally receive personal data relating to you directly from you. For
example, we will receive that data if you contact us through the Site or
otherwise, or if we deal with you in our operations;
- we use your data to improve our Site, conduct our operations, keep
appropriate records and meet our legal obligations;
- we only provide your personal data to third parties for our limited purposes or
as permitted by law. We don’t share your data with third party advertisers;
- we store data for specified periods for our limited purposes;
- you have certain rights, prescribed by law, in relation to the processing of your data, such as rights to request access, rectification or deletion of your personal data;
- you can contact us to enquire about any of the contents of this Policy.
Our use of personal data
The section of our Policy describes:
(a) the kinds of personal data that we may collect, use, store and transfer.
We have grouped that data together into different categories based on its
(b) our purposes in processing that data; and
(c) in each case, the legal basis of our processing. The legal basis means one of the permitted bases for processing set out in Article 6 of the General Data Protection Regulation (GDPR). We are required by law to identify this legal basis to you.
Personal data we obtain from youIf you correspond or communicate with us, whether through the Site, by email, bytelephone or otherwise, then we may process personal data which is contained inthe relevant communication (e.g. the contents of correspondence, or notes of thesubject matter of telephone calls) or which relates to the communication (e.g. yourcontact details or job title). All of this together is communications data. We processcommunications data for the purposes of communicating with you. We may process technical data about your use of the Site, such as your browsertype and version, operating system, time zone setting and location, referral source,length of visit, or navigation around the Site (for instance, which pages are viewedand how long for). This data is aggregated and anonymised in such a way that itcontains no information relating to any identifiable individual at all: it’s not actuallypersonal data but we mention it in this Policy for the sake of completeness. Weprocess technical data for the purpose of improving our Site.
Our other processingWe may also process any of the data described above:
(a) for the purposes of record-keeping and back-up and restoration of our systems;
(b) as required by law or in connection with legal claims.
Our legal basis of processingWe will process personal data only on lawful bases. In particular, we will processpersonal data on the following lawful bases identified in Article 6 GDPR: for the performance of a contract with you, or to take steps at your request priorto entering into a contract with you (Article 6(1)(b) GDPR). This may be ourbasis for processing communications data, account data, transaction data orvisitor data; for our legitimate interests (Article 6(1)(f) GDPR). This may be our basis forprocessing:
i) correspondence, account and visitor data (as we have an interest inproperly administering our business and communications, and indeveloping our relationships with interested parties);
ii) any personal data identified in this Policy where necessary inconnection with legal claims (as we have an interest in being able toconduct and defend legal claims to preserve our rights); and
iii) any personal data identified in this Policy in connection with backupsof any element of our IT systems or databases containing thatpersonal data (as we have an interest in ensuring the resilience ofour IT systems and the integrity and recoverability of our data). In performing our public functions (Article 6(1)(e). This may be our basis forprocessing any of the personal data identified above if we do so in connectionwith carrying out specific tasks in the public interest (for example, in ourteaching or governance activities). If we process personal data in carrying outactivities unrelated to our public functions then we do so on one of the basesset out above.
Disclosures of your personal dataWe may disclose your personal data to our suppliers or contractors in connection with the uses described above. For example, we may disclose:
(a) any personal data in our possession to suppliers which host the servers on which our data is stored;
(b) account data to contractors who help us administer our operations.
We do not allow our suppliers or contractors to use your personal data for their ownpurposes and only permit them to process your personal data for specified purposesand in accordance with our instructions and applicable law. We may disclose your personal data as necessary to comply with law (e.g. toGovernment or law enforcement). We may disclose your personal data to our legal or professional advisors in order totake advice, but will do so under obligations of confidentiality.If any part of our operations is sold to, transferred to, or integrated with, anotherorganisation (or if we enter into negotiations for those purposes), your personal datamay be disclosed to that organisation.
Transfers outside the EEASome of the third parties to whom we may transfer your personal data, discussedabove, may be located outside the EEA or may transfer your personal data to theirown service providers located outside the EEA. If so, then we will ensure thattransfers by our appointed data processors will only be made lawfully (e.g. tocountries in respect of which the European Commission has made an "adequacydecision”, or with appropriate safeguards such as the use of standard clausesapproved by the European Commission or the use of the EU-US Privacy Shield. Youmay contact us if you would like further information about these safeguards.
Data securityWe take appropriate technical and organisational security measures to prevent yourpersonal data from being lost, used, accessed, altered or disclosed by accident orwithout authorisation.If we become aware of any personal data breach then we will notify you and the ICOas required by law.
Retention and deletion of your dataWe will only process your personal data as long as is needed for the purposes for which we process it, and will be deleted afterwards. In particular:
(a) technical data which is anonymised (and therefore not personal data)may be retained by us indefinitely (but is typically deleted within a few months);(b) communications data which relates only to enquiries and not to a business relationship will be retained for the period of the enquiry or chain of correspondence and then deleted after approximately twelve months;
We may retain your personal data longer where necessary to comply with law.
Your legal rights under GDPRWe have summarized below the rights that you have under data protection law. Youcan read guidance from the Information Commissioner’s Office at www.ico.gov.uk for more information. You have:
(a) the right to access: if requested, we must confirm what personal data ofyours we process, and must provide you with access to that data andfurther information about our processing;
(b) the right to rectification: if requested, we must correct or complete anyinaccurate or incomplete personal data of yours;
(c) the right to erasure: you can request that we erase your personal data in limited circumstances (for instance, if we use it for marketing or no longer need it for our other purposes). This is not an absolute right and we may be entitled to retain your data where necessary (e.g. to comply with law);
(d) the right to restrict processing: you can request that we restrict the processing of your personal data in limited circumstances. Where processing has been restricted, we may continue to store your personal data and will observe the restrictions on processing except in the case of processing permitted by applicable law (for example, in connection with legal claims or for reasons of public interest);
(e) the right to object to processing: you can object to our processing of your personal data on the basis of our legitimate interests. We may be entitled to continue processing in certain circumstances (e.g. if we have compelling grounds to do so, or to comply with law);
(f) the right to data portability: you have a right to receive your data from us in an easily-portable format in limited circumstances: i.e. if we process that data on the basis of a contract with you and by automated means. This is unlikely to apply in most circumstances; and
(g) the right to complain: if you believe we are in breach of applicable law, you can complain to the Information Commissioner’s Office.
For more information, see https://ico.org.uk/concerns/.You may exercise any of your rights in relation to your personal data by written notice to us.
(a) Strictly necessary cookies. These are cookies that are required for the operation of the Site, such as cookies that enable you to log into secure areas;
(b) Analytical/performance cookies. They allow us to collect usage data to analyse the use of our Site.
(c) Functionality cookies. These recognise users to enable us to remember user preferences (for example, your choice of language or region);
You can contact us:
(a) by post at at Rochford Primary School, 6 Ashingdon Road, Rochford, Essex, SS41NJ
(b) using the contact form/link on the Site;
(c) by telephone at 01702 558619; or
(d) by email at email@example.com
Third Parties and SecurityThe Site may contains links to third party websites or refer to third party service providers and other entities. If you follow a link to any third party website or deal with any third party entity referred to on the Site, then you should note that these third parties may have their own privacy and cookie policies, and that we are not responsible for their use of any personal data which you may provide to them. You should ensure that you have read and understood any relevant policies. Although we do our best to ensure the security of personal data provided to us (and to use only reputable service providers), any transmission of data via the Internet is by its nature insecure and we cannot guarantee the security of any personal data you provide to us.
Changes to this PolicyWe may notify you of material changes to this Policy using the contact details youhave given us, and otherwise may update this Policy from time to time on our Site.You should check this Policy from time to time.
Last Updated: 25th May 2023