Scroll down for Policies. Just click on the links to download what you want to use.
A mandatory policy which defines a data breach and explains your organisation’s procedure if one occurs. This also includes a breach reporting form.
A mandatory policy which explains how your organisation handles personal data in line with data protection law. We recommend that you publish this on your website for service users (e.g. parents, visitors) and so staff understand what is expected of them.
A non-mandatory policy to explain the security measures adopted by your organisation to ensure the confidentiality, integrity and availability of personal data and other information assets. It defines the roles and responsibilities of individuals within the organisation to achieve this (to be adapted as required by the organisation).
A mandatory policy which describes how long a particular type of personal data will be kept, and how it will be securely destroyed. To be published to inform parents and visitors, and to ensure staff understand their responsibilities.
A template policy to explain your organisation’s use of CCTV, including the purpose, camera locations, and retention periods.
