The Data Protection Act (2018) and our Trust Data Protection Policy, gives any individual the right to obtain confirmation if their data is being processed by us and to have access to the personal data we hold. The right of access to this information is referred to as Subject Access Request (SAR).

We aim to provide access to personal data within one month of receipt of a subject access request. If a request is complex, an extension of up to a further two months may be requested from the individual making the request. The Data Protection Officer, or a member of our team, will communicate regularly with individuals where this is the case.

A copy of the information will be provided free of charge. However, a reasonable fee may be charged if a request is found to be excessive, or where information is requested repeatedly. We will always notify the individual making a request if we intend to make a charge, and why.

Subject access requests will be accepted from:

1. The individual whose data is being requested (also known as the Data Subject).
2. A representative of the Data Subject who has written consent (e.g. a parent; a solicitor; a court appointed representative if the Data Subject could no longer manage his or her own affairs; a person with enduring Power of Attorney).
3. The parent or guardian of a child under 16 years of age: In cases where the child agrees, or it is in the child’s best interest for access to the data to be given.

Please:

• Download and complete a copy of our Subject Access Request Form, and;
  
• Email form

Please note that we will use reasonable means to verify the identity of the individual making the request, but may require individuals to visit one of our academies with proof of their identity in order to receive copies of access request responses.

One of the key principles which underpins UK Data Protection Law is the right of an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing. This is also known as the ‘right to be forgotten’.

Individuals may have a right to have personal data erased and to prevent processing in specific circumstances such as:

• Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
• When the individual withdraws consent.
• When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
• Where the personal data was unlawfully processed (i.e. otherwise in breach of the Data Protection Act).
• The personal data must be erased to comply with a legal obligation.

Please note that the right to erasure does not provide an absolute ‘right to be forgotten’. Under Data Protection Law the Trust can refuse to comply with a request for erasure where the personal data is processed for particular reasons. This will always be explained to you by our Data Protection Officer if your request cannot be carried out.

Please:

• Download and complete a copy of our Data Erasure Request Form, and;
• Email form. Each request will be dealt with on a case by case basis.

Yes. We take all concerns and questions relating to data protection, use of personal information and the experience of our children and young people with the utmost importance. If you would like to speak to the Data Protection Officer with a question or concern before making a formal request, please do not hesitate to contact them by e-mail or by contacting the Clerk and Company Secretary to the Trust, Mrs Sue Hawley.

Sue Hawley
E: shawley@potteries.ac.uk
T: 01782 854227 (Direct)
T: 01782 848736 (Ext 307)