A template Data Protection Impact Assessment for schools using uCheck. This should be adapted to be true for your school and sent to Veritau or your Data Protection Officer for sign-off. This template is subject to change.

A template Data Protection Impact Assessment for schools using Securly. This should be adapted to be true for your school and sent to Veritau or your Data Protection Officer for sign-off. This template is subject to change.

A template Data Protection Impact Assessment for schools using Studybugs. This should be adapted to be true for your school and sent to Veritau or your Data Protection Officer for sign-off. This template is subject to change.

Information Rights Request

Below are a selection of template letters that can be used when processing a Freedom of Information (FOI) request.

Dos and Don’ts of Data Protection for School Employees

This short guide will assist you to get started with the first steps to take upon starting the DPO service, including adopting our suite of model documentation.

A template Data Protection Impact Assessment for schools using A Start Attendance. This should be adapted to be true for your school and sent to Veritau or your Data Protection Officer for sign-off. This template is subject to change.

A template Data Protection Impact Assessment for schools using Securus, This should be adapted to be true for your school and sent to Veritau or your Data Protection Officer for sign-off. This template is subject to change.

A template Data Protection Impact Assessment for schools using Netsweeper OnGuard. This should be adapted to be true for your school and sent to Veritau or your Data Protection Officer for sign-off. This template is subject to change.

Article 28 of the UK GDPR requires that a specific set of data processing clauses is included in any contract between the school or Trust and any supplier or IT application processing personal information on your behalf. To assist you, we have checked the contracts for many commonly used processors and provided an assurance rating. This information can be added to the data processor list in your Information Asset Register. Please note that this document will be updated regularly and is subject to change.

Most schools participate in surveillance activities without realising it. For example, CCTV and e-monitoring are forms of surveillance. Use of biometrics such as fingerprints is a similarly high-risk area of processing that requires consideration of privacy implications and transparency requirements. This themed audit will help schools carrying out CCTV, e-monitoring and/or collection of biometric data to ensure that you have the appropriate documentation and records to carry out these activities in accordance with the law.