Bolton Islamic Girls School is committed to keeping your personal information safe and secure. This notice is intended to provide information about how the School will use or “process” personal data about individuals including current, past and prospective pupils (“pupils”) and their parents, carers or guardians (referred to in this notice as “parents”). If you find this letter difficult to understand, you can ask your parents or another adult such as your teacher to help you understand it.
Responsibility for Data Protection
The data controller for personal information held by Bolton Islamic Girls School is registered with the Information Commissioner’s Office (ICO). The Data Protection Officer, Ms Sophina Ishaq, is responsible for ensuring that BIGS complies with the Data Protection Law. She can be contacted on email@example.com. The Headteacher in each school is responsible for ensuring that their school complies with Trust’s policies and procedures in relation to Data Protection.
The personal data we hold
We hold some personal information about you to make sure we can help you learn and look after you at school. For the same reasons, we get information about you from some other places too, like other schools, the local council, medical and education professionals, and the government. This information includes:
- Personal information and contacts (such as name, unique pupil number, contact details and address)
- Characteristics (such as language)
- Attendance information (such as sessions attended, number of absences, absence reasons and any previous schools attended)
- Medical information (such as doctor’s information, child health, allergies, medication and dietary requirements, information forming part of an EHCP)
- Special Educational Needs information (including the needs, information from other professional services, information contained in an EHCP)
- Safeguarding information (such as court orders and professional involvement)
- Behavioural information (such as exclusions and any relevant alternative provision put in place)
- Assessment and attainment information (such as key stage 1 and phonics results, key stage 2 results, post 16 courses enrolled for and any relevant results)
- School trip information (such as consents and current medical issues, or voluntary contributions made)
- Provision of educational software in support of teaching and learning
- Information required in order to meet our statutory requirements for statutory returns and audit.
- CCTV capture images, to keep our premises safe and secure for all users. This list is not exhaustive.
Why we use this information
We use this data to help run the school, including to:
- provide you with an education including career services and extra-curricular activities
- Look after your wellbeing (safeguard pupils’ welfare and provide appropriate pastoral (and where necessary, medical) care).
- monitor pupils’ progress and educational needs;
- enable pupils to take part in national or other assessments, and to publish the results of public examinations or other achievements of pupils at the school.
- maintain relationships with the school community.
- help us with management planning and forecasting, research and statistical analysis and to enable us to monitor the Trust’s performance.
- monitor use of the Trust’s IT systems in accordance with the school’s Acceptable Use Policy.
- receive information about current and prospective pupils from any educational institution that they attended.
- confirm the identity of prospective pupils and their parents.
- use photographic or video images of pupils in learning journeys or in school displays for legitimate educational purposes. Photographs for promotional use or for use in school newsletters or school or other websites or media will only be used with pupils’/ parents’ permission.
- create invoices and process payments for services such as school meals, school trips etc.
- for security purposes, and for regulatory and legal purposes (for example child protection and health and safety) and to comply with its legal obligations.
- receive reports from any organisation that may be working with your child.
- where otherwise reasonably necessary for the school’s purposes, including to obtain appropriate professional advice and insurance for the Academy.
- to keep you updated about the running of the school (such as emergency closures), events or activities including by sending updates and newsletters by email and post.
- administer admissions waiting lists
Use of personal data for marketing purposes
Where you have given us consent to do so, we may send you marketing information by email or text promoting school events, campaigns, charitable causes or services that may be of interest to you. This may include relevant and appropriate information about fundraising events held by the school PTA or other local charities, or information about local commercial or not for profit services such as holiday clubs, child-friendly activities or other children’s services. You can withdraw consent or ‘opt out’ of receiving these emails and/or texts by contacting the School office. We commission school photographers to take photos of pupils which are uploaded to our student information management systems. You may be offered these photographs for purchase through such service providers but there is no obligation to buy your child’s photograph. We always obtain data sharing agreements for any such providers. We never sell your data.
Our legal basis for using this information
We will only collect and use your information when the law allows us to. Most often, we will use your information where:
- We need to comply with the law (in meeting the statutory duties placed upon us)
- We need to use it to carry out a task in the public interest (in order to provide you with an education) Sometimes, we may also use your personal information where:
- You, or your parents/carers have given us permission to use it in a certain way
- We need to protect your or someone else’s vital interests (protect your life) Where we have got permission to use your data, you or your parents/carers may withdraw this at any time. We will make this clear when we ask for permission and explain how to go about withdrawing consent. Some of the reasons listed above for collecting and using your information overlap, and there may be several grounds which mean we can use your data.
Collecting this information
Pupil data is essential for the schools’ operational use. While in most cases you, or your parents/carers, must provide the personal information we need to collect, there are some occasions when you can choose whether or not to provide the data. We will always tell you if it’s optional. If you must provide the data, we will explain what might happen if you don’t. In addition, when a child joins us from another school, we receive a secure file containing relevant information called a Common Transfer File (CTF). We ask parents to keep pupil information up to date through the forms sent yearly for parents to update information. If changes occur before the forms are given out, such as change of name/address or contact telephone numbers then you must notify us immediately.
We keep personal information about pupils and parents/ carers while they are attending our school. We may also keep it beyond their attendance at our school if this is necessary in order to comply with our legal obligations. For information on our Records Management schedule, and how we keep your data safe, please read our Records Management Policy on the Bolton Islamic Girls School website or ask for a copy at the school admin office.
Sharing pupil information
We share data for the reasons listed above (“Why we collect and use this information”). We will never sell your data. We do not share personal information about you with anyone outside the school without permission from you or your parents/carers, unless the law and our policies allow us to do so.
Where it is legally required, or necessary for another reason allowed under data protection law we may share personal information about pupils with:
- Our local authority – to meet our legal obligations to share certain information with it, such as safeguarding concerns and exclusions
- The Department for Education
- The pupil’s family and representatives
- Educators and examining bodies
- Youth support / Careers guidance services (pupils aged 13+)
- Our regulator (Ofsted)
- Financial organisations
- Our auditors
- Survey and research organisations
- Health authorities such as the School Nurse and other medical professionals
- Health and social welfare organisations
- Security organisations
- Professional advisers and consultants
- Charities and voluntary organisations in support of pupils’ needs
- Police forces, courts, tribunals
- Professional bodies
- Schools that the pupils attend after leaving us
- our ICT support suppliers,
- Suppliers and service providers and educational software providers in support of teaching and learning to enable them to provide the service we have contracted them for such as:
- Educational Software – in support of teaching and learning
- Assessment software – in support of pupil assessment e.g. School Pupil Tracker, Kerboodle, Hegarty maths, Time table rockstars, Mathletics, Storybird, Speechlink, Diagnostic Questions, SPAG test. This list is not exhaustive.
- Egress Switch – to provide encrypted secure file transfer within Microsoft Outlook
- Microsoft Outlook – email communication system
- Microsoft One Drive and Google docs
This list is not exhaustive. We may also share your information with:
- other partners, where we have your consent.
- other third-party partners, where we have your consent, providing services such as after school clubs
National Pupil Database
We are required to provide information about you to the Department for Education (a government department) as part of data collections such as the school census. Some of this information is then stored in the National Pupil Database, which is managed by the Department for Education and provides evidence on how schools are performing. This, in turn, supports research. The database is held electronically so it can easily be turned into statistics. The information it holds is collected securely from schools, local authorities, exam boards and others. The Department for Education may share information from the database with other organisations which promote children’s education or wellbeing in England. These organisations must agree to strict terms and conditions about how they will use your data. You can find more information about this on the Department for Education’s webpage on how it collects and shares research data. You can also contact the Department for Education if you have any questions about the database.
Youth support services
Once you reach the age of 13, we are legally required to pass on certain information about you to the local authority or youth support services provider in your area, as it has legal responsibilities regarding the education or training of 13-19 year-olds. This information enables it to provide youth support services, post-16 education and training services, and careers advisers. Your parents/carers, or you once you’re 16, can contact our data protection officer to ask us to only pass your name, address and date of birth to the local authority or youth support services provider.
Transferring data internationally
Where we share data with an organisation that is based outside the European Economic Area, we will protect your data by following data protection law.
How to access personal information we hold about you
You can find out if we hold any personal information about you, and how we use it, by making a ‘subject access request’, as long as we judge that you can properly understand your rights and what they mean. If we do hold information about you, we will:
- Give you a description of it
- Tell you why we are holding and using it, and how long we will keep it for
- Explain where we got it from, if not from you or your parents
- Tell you who it has been, or will be, shared with
- Let you know if we are using your data to make any automated decisions (decisions being taken by a computer or machine, rather than by a person)
- Give you a copy of the information You may also ask us to send your personal information to another organisation electronically in certain circumstances.
If you want to make a request please contact our Data Protection Officer at SophinaIshaq.firstname.lastname@example.org
Your other rights over your data You have other rights over how your personal data is used and kept safe, including the right to:
- Say that you don’t want it to be used if this would cause, or is causing, harm or distress
- Stop it being used to send you marketing materials
- Say that you don’t want it used to make automated decisions (decisions made by a computer or machine, rather than by a person)
- Have it corrected, deleted or destroyed if it is wrong, or restrict our use of it
- Claim compensation if the data protection rules are broken and this harms you in some way
We take any complaints about how we collect and use your personal data very seriously, so please let us know if you think we’ve done something wrong. You can make a complaint at any time by contacting our Data Protection Officer, SophinaIshaq.email@example.com . You can also complain to the Information Commissioner’s Office in one of the following ways: Online: https://ico.org.uk/concerns/ Call: 0303 123 1113 Write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
If you have any questions, concerns or would like more information about anything mentioned in this privacy notice, please contact our Data Protection Officer: Sophina Ishaq SophinaIshaq.firstname.lastname@example.org.