The General Data Protection Regulation (GDPR) applies to personal data. Within our Academy we process data on pupils, parents, staff and academy councillors. We follow the six data protection principles that require that personal data shall be:

  1. Processed fairly, lawfully and transparently.
  2. Obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose(s).
  3. Adequate, relevant and not excessive in relation to the purpose(s) for which it is processed.
  4. Accurate and, where necessary, kept up to date.
  5. Not kept for longer than is necessary for that purpose(s).
  6. Kept secure, i.e. protected by an appropriate degree of security.


The following are policies, procedures and other documents linked to data protection:

  • Data Protection Policy
  • CCTV Policy
  • Data Breach Policy
  • Procedure for Receiving and Responding to Subject Access Requests
  • Pupil Privacy Notice
  • Parent/Carer Privacy Notice
  • Workforce Privacy Notice
  • Recruitment Privacy Notice


The Data Protection Officer (DPO) for all academies within The Mead Educational Trust is:

Cathy Brown

The Mead Centre

343 Gipsy Lane



0116 214 3148

[email protected]