Privacy Policy

Under data protection law, individuals have a right to be informed about how the school uses any personal data that we hold about them. We comply with this right by providing ‘privacy notices’ (sometimes called ‘fair processing notices’) to individuals where we are processing their personal data.

This Privacy policy provides you with details of how we collect and process your personal data through your use of the Coastal Academies Trust website: https://www.coastalacademiestrust.co.uk.

By providing us with your data, you warrant to us that you are over 13 years of age.

Coastal Academies Trust is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy policy).

If you have any questions about this privacy notice, please contact the Data Protection Officer Judy Brace using the details set out below.

The Data We Collect / How Its Processed / Grounds For Processing

Personal data means any information capable of identifying an individual. It does not include anonymised data.

We may process the following categories of personal data about you:

  • Communication Data – any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
  • User Data – data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain backups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.

We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary. In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing.

We may process your personal data without your knowledge or consent where this is required or permitted by law.

We do not carry out automated decision making or any type of automated profiling.

Sensitive Data

We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic and biometric data, criminal convictions and offences.

How Do We Collect Your Personal Data?

We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails).

Data Security

We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

Data Sharing

We do not share information with any third party without consent unless the law and our policies allow us to do so.

Your Legal Rights

How to access the personal information we hold about you

Individuals have a right to make a ‘subject access request’ to gain access to personal information that the school holds about them.

If you make a subject access request, and if we do hold information about you, we will:

  • Give you a description of it
  • Tell you why we are holding and processing it, and how long we will keep it for
  • Explain where we got it from, if not from you
  • Tell you who it has been, or will be, shared with
  • Let you know whether any automated decision-making is being applied to the data, and any consequences of this
  • Give you a copy of the information in an intelligible form

You may also have a right for your personal information to be transmitted electronically to another organisation in certain circumstances.

If you would like to make a request, please contact our data protection officer.

Your other rights regarding your data

Under data protection law, individuals have certain rights regarding how their personal data is used and kept safe. You have the right to:

  • Object to the use of your personal data if it would cause, or is causing, damage or distress
  • Prevent your data being used to send direct marketing
  • Object to the use of your personal data for decisions being taken by automated means (by a computer or machine, rather than a person)
  • In certain circumstances, have inaccurate personal data corrected, deleted or destroyed, or restrict its processing
  • Claim compensation for damages caused by a breach of the data protection regulations

To exercise any of these rights, please contact our data protection officer.

Complaints

We take any complaints about our collection and use of personal information very seriously.

If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.

To make a complaint, please contact our data protection officer.

Alternatively, you can make a complaint to the Information Commissioner’s Office:

  • Report a concern online at https://ico.org.uk/concerns/
  • Call 0303 123 1113
  • Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Contact Us

If you have any questions, concerns or would like more information about anything mentioned in this privacy notice, please contact our data protection officer: Judy Brace: judybrace@kingethelbert.kent.sch.uk.