CHARGING AND REMISSIONS POLICY
The Board of Governors have adopted the following Charging and Remissions Policy:
A. CHARGING POLICY
It is the policy of the Governors to charge for:-
Board and lodgings on residential visits
Costs associated with the provision of individual tuition on a musical instrument whether inside or outside school hours unless it is provided as part of the syllabus for an approved public examination or to meet the requirements of Article 11 (1) (b) of the Order
The cost, in cash or in kind, of ingredients or materials needed for practical subjects (such as Craft and Design) where parents have indicated in advance a wish to own the finished product
Optional extra activities which take place wholly or mainly outside school hours and are additional to the education provided by the school for the purposes of preparing pupils for an approved public examination or for the purposes of meeting the statutory requirements imposed by Articles (1) (a) and (b) of the 1989 Order.
Participation in any such activities is to be on the basis of parental choice and a willingness to meet such charges as are made.
B. REMISSION POLICY
Charges will be remitted as follows:
The charge for the board and lodgings cost of a residential visit will be remitted in the case of pupils whose parents are in receipt of income support or family credit if the education provided on that visit must otherwise be provided free, that is, the activity takes place mainly or wholly in school hours and/or is provided as part of the syllabus for an approved public examination or is required in order to fulfil statutory duties in relation to the Northern Ireland Curriculum or Religious Education.
C VOLUNTARY CONTRIBUTIONS
In cases of activities within school time which the school cannot afford, the school will attempt to subsidise these by asking in advance for voluntary contributions from the parents of those children directly involved. Such requests for contributions will indicate the actual costs to the school and suggest this as a suitable contribution. All the children in the group will take part in the activity, whether their parents have contributed or not. In cases where contributions are such that the school through the school fund cannot make up the short fall, the activity will not take place and all contributions already made by parents for the specific activity will be returned to them.
The Board of Governors reserves the right to seek to recover from parents the whole or part of the cost of breakages and losses incurred as a result of a pupil’s behaviour.
INSPECTION OF DOCUMENTS
Documents are available for inspection at the school should parents request this. Parents wishing to inspect any of the following should give written notice to the Principal at least 3 clear school days in advance of the time they wish to see them. (This does not preclude an informal request to the Principal, who may make the documents immediately available, if this is convenient). Copies of the documents may also be made available if a week’s clear notice is given. Payment for copying will be required in advance. The documents available for inspection are:
The Governors’ statement of the aims of the school. Any statutory instruments, DENI circulars or administrative memoranda sent to the Principal or the governing body in relation to Part 111 of the 1989 Order.
Any published HMI Reports referring expressly to the school.
The arrangements made by the Western Education & Library Board for the consideration and disposal of complaints under Article 33 of the 1989 Order.
The agreed syllabus for Religious Education adopted by the Board.
CHANGES IN SCHOOL ARRANGEMENTS
Changes occur from time to time in the staffing and organisation of the school and parents will be informed of these by newsletter. The summaries on this webpage give the present arrangements with effect from September 2007.
SCHOOLS DATA PROTECTION POLICY
The Board of Governors have adopted the following Schools Data Protection Policy:
At Jones Memorial Primary School, we believe privacy is important. We are committed to complying with our data protection obligations and to being concise, clear and transparent about how we obtain and use Personal Information and how (and when) we delete that information once it is no longer required.
We will review and update this data protection policy regularly in accordance with our data protection obligations.
Any queries in relation to this Policy or any of the matters referred to in it should be submitted to the Principal Mrs Sandra Isherwood.
The following policies, procedures and documents are also relevant to this Policy:
• Data Breach Management Procedure
• Subject Access Request Procedure
• Department of Education Document Disposal Schedule
• Internet Safety Policy
• E-safety Policy
• Assessment Policy
• Social Media Policy
• Criminal Record Information
• Pastoral Care Booklet & Pastoral Care Response Book
• Annual Board of Governors Report
• Admissions Criteria
• School Prospectus
DATA PROTECTION POLICY
1.1. The School is subject to the General Data Protection Regulation (GDPR) which imposes obligations on the School as a data controller in relation to the protection, use, retention and disposal of Personal Information. This Policy sets out the procedures that are to be followed when dealing with Personal Information and applies to all Personal Information processed by or on behalf of Jones Memorial Primary School
1.2. You must read this Policy because it gives important information about:
1.2.1. the data protection principles with which Jones Memorial Primary School must comply;
1.2.2. what is meant by Personal Information and Special Category Data;
1.2.3. how we gather, use and (ultimately) delete Personal Information and Special Category Data in accordance with the data protection principles;
1.2.4. where more detailed Privacy Information can be found, e.g. about the Personal Information we gather and use about you, how it is used, stored and transferred, for what purposes, the steps taken to keep that information secure and for how long it is kept;
1.2.5. your rights and obligations in relation to data protection; and
1.2.6. the consequences of our failure to comply with this Policy.
Please refer to the School’s privacy notices www.jonesmemorial.co.uk and, where appropriate, to other relevant policies including in relation to Data Breach Management Procedure,( Subject Access Request Procedure, Department of Education Document Disposal Schedule ,Internet Safety Policy, E-safety Policy, Assessment Policy, Social Media Policy and Criminal Record Information) which contain further information regarding the protection of Personal Information in those contexts.
Data Protection Principles
2.1. GDPR sets out the following principles with which any party handling Personal Information must comply. All Personal Information must be:
2.1.1. processed lawfully, fairy and in a transparent manner;
2.1.2. collected for specified, explicit and legitimate purposes only, and will not be further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
2.1.3. adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
2.1.4. accurate and, where necessary, kept up to date and take reasonable steps to ensure that inaccurate Personal Information are deleted or corrected without delay;
2.1.5. kept in a form which permits identification of individuals for no longer than is necessary for the purposes for which the information is processed; Personal Information may be stored for longer periods insofar as the data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes subject to implementation of the appropriate technical and organisational measures required by GDPR in order to safeguard the rights and freedoms of the individual; and
2.1.6. processed in a manner than ensures appropriate security of the Personal Information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Lawful, Fair and Transparent Processing
3.1. The School will, before any processing of Personal Information starts for the first time, and then regularly while it continues:
3.1.1. process the Personal Information on at least one of the following bases:
• the individual has given their express agreement to the processing of their Personal Information for one or more specific purposes;
• parental consent will be obtained for any child aged under 13 years old;
• the processing is necessary for the performance of a contract to which the individual is party or in order to take steps at the request of the individual prior to entering into a contract;
184.108.40.206. Legal Obligation:
• the processing is necessary for compliance with a legal obligation to which the School is subject;
220.127.116.11. Vital Interests:
• the processing is necessary for the protection of the vital interests of the individual or another natural person; or
18.104.22.168. Public Interest:
• the processing is necessary for the performance of a task carried out in the public interest or exercise of official authority; or
22.214.171.124. Legitimate Interests:
• the processing is necessary for the purposes of legitimate interests of the School or a third party, except where those interests are overridden by the interests of fundamental rights and freedoms of the individual, in particular where the individual is a child.
3.1.2. except where the processing is based on consent, satisfy ourselves that the processing is necessary for the purpose of the relevant lawful basis (i.e. that there is no other reasonable way to achieve that purpose);
3.1.3. document our decision as to which lawful basis applies to help demonstrate our compliance with the data protection principles;
3.1.4. include information about both the purposes of the processing and the lawful basis for it in our relevant privacy notices www.jonesmemorial.co.uk
3.1.5. where Special Category Data is processed, identify a lawful special condition for processing that information and document it; and
3.1.6. where criminal offence information is processed, identify a lawful condition for processing that information and document it.
Rights of the Individual
4.1. The GDPR states that individuals have the following rights in respect of the processing of their Personal Information:
4.1.1. The right to be informed:
126.96.36.199. The School will keep individuals informed of its processing activities through its privacy notices www.jonesmemorial.co.uk
4.1.2. The right of access:
188.8.131.52. An individual may make a subject access request (“SAR”) at any time to find out more about the Personal Information which the School holds on them. All SARs must be forwarded to the Principal Mrs S Isherwood, 2 Cappog Road, Mullylogan, Enniskillen. BT74 5QF
184.108.40.206. The School is required to respond to a SAR within one month of receipt but this can be extended by up to two months in the case of complex and/or numerous requests and, in such cases, the individual will be informed of the need for such extension. The School does not charge a fee for the handling of a straightforward SAR.
4.1.3. The right to rectification:
220.127.116.11. If an individual informs the School that Personal Information held by the School is inaccurate or incomplete, the individual can request that it is rectified.
4.1.4. The right to erasure:
18.104.22.168. An individual is entitled to request that the School ceases to hold Personal Information it holds about them.
22.214.171.124. The School is required to comply with a request for erasure unless the School has reasonable grounds to refuse.
4.1.5. The right to restrict processing:
126.96.36.199. An individual is entitled to request that the School stops processing the Personal Information it holds about them in certain circumstances.
4.1.6. The right to data portability:
188.8.131.52. An individual has the right to receive a copy of their Personal Information and use it for other purposes.
4.1.7. The right to object:
184.108.40.206. An individual is entitled to object to the School’s processing of their Personal Information.
4.1.8. Rights in relation to automated decision making and profiling:
220.127.116.11. An individual has the right to challenge any decision that is made about them on an automated basis (subject to certain exceptions).
18.104.22.168. The School is also required to comply with certain conditions if it uses Personal Information for profiling purposes.
Data Protection Officer
5.1. A Data Protection Officer (DPO) is appointed who will monitor adherence to this policy.
5.2. The DPO is required to have an appropriate level of knowledge.
Privacy by Design
6.1. The School has adopted the principle of privacy by design and will ensure that the definition and planning of all new or significantly changed systems that collect or process Personal Information will be subject to due consideration of privacy issues, including the completion of one or more data protection impact assessments.
6.2. The data protection impact assessment will include:
6.2.1. Consideration of how Personal Information will be processed and for what purposes;
6.2.2. Assessment of whether the proposed processing of Personal Information is both necessary and proportionate to the purpose(s);
6.2.3. Assessment of the risks to individuals in processing the Personal Information;
6.3. What controls are necessary to address the identified risks and demonstrate compliance with legislation.
6.4. A data protection impact assessment is conducted by the Principal:
6.4.1. On every business process periodically, at least once a year and more frequently where the amount and/or sensitivity of Personal Information processed, dictates so;
6.4.2. As part of the project calendar admission requirements checklist;
6.4.3. At every high-impact change, and/or at the request of the Data Protection Officer.
Data Retention & Disposal
7.1. The longer that Personal Information is retained, the higher the likelihood is of expiry date is stored together with that Personal Information. Retention expiration triggers are connected accidental disclosure, loss, theft and/or information growing stale.
7.2. Any Personal Information kept by the School is managed in accordance with the Department of Education Disposal of Records Schedule (https://www.education-ni.gov.uk/publications/disposal-records-schedule).
8.1. A data breach is any (potential) unintended loss of control over or loss of Personal Information within the School’s environment. Preventing a data breach is the responsibility of all the School staff and its workforce.
8.2. Please refer to the School’s Data Breach Management Procedure.
Third-Party Services and Subcontracting
9.1. The School may decide to contract with a third party for the collection, storage or processing of data, including Personal Information (GL Assessment, Mathletics, Accelerated Reader)
9.2. If the School decides to appoint a third party for the processing of Personal Information, this must be regulated in a written agreement in which the rights and duties of the School and of the subcontractor are specified. A subcontractor shall be selected that will guarantee the technological and organisational security measures required in this Policy, and provide sufficient guarantees with respect to the protection of the personal rights and the exercise of those rights.
9.3. The subcontractor is contractually obligated to process Personal Information only within the scope of the contract and the directions issued by the School.
10.1. Complaints will be dealt with in line with the School’s complaints policy available in the schools office or at www.jonesmemorial.co.uk
10.2. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. The ICO’s details are as follows:
The Information Commissioner’s Office – Northern Ireland
14 Cromac Place,
Telephone: 028 9027 8757 / 0303 123 1114
“consent” is any freely given, specific and transparently, well-informed indication of the will of the individual, whereby the individual agrees that his or her Personal Information may be processed. Particular requirements about consent can arise from the respective national laws.
“Personal Information” (sometimes known as “personal data”) means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly — in particular, by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
“processing” means obtaining, recording, organising, storing, amending, retrieving, disclosing and/or destroying information, or using or doing anything with Personal Information.
“Special Category Data” (sometimes known as “sensitive personal data”) means Personal Information that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data and the processing of data concerning health or sex life.
JONES MEMORIAL PRIMARY SCHOOL PRIVACY NOTICE
For Pupils & Parents/Families/Carers/Legal Guardians
Jones Memorial Primary School is the data controller of the personal information we hold about our pupils and their parents/families/carers/legal guardians. This means that we are responsible for deciding how we hold and use the personal information which we collect.
We are required under the General Data Protection Regulation (GDPR) to notify you of the information contained in this privacy notice.
We collect and use pupil information under the Education Act (Northern Ireland) 2014 and other legislation. You may find the specific legislation at https://www.education-ni.gov.uk/department-education-legislation.
The majority of pupil information you provide to us is information which you are legally obliged to provide but some pupil information is provided to us on a voluntary basis. When collecting information from you we will inform you whether you are required to provide certain pupil information to us or if you have a choice in this.
This notice applies to prospective, current and former pupils and their families/carers/legal guardians and those applying for a place at the school and their families/carers/legal guardians. We may update this notice at any time but if we do so, we will inform you as soon as reasonably practicable.
It is important that you read and retain this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information and what your rights are under the GDPR.
If you have any questions about this privacy notice or how we handle personal information, please contact the Principal who will deal with your query. The Principal Mrs S Isherwood can be contacted on
JONES MEMORIAL PRIMARY SCHOOL
2 Cappog Road , Mullylogan
Enniskillen, Co Fermanagh
Tel: 028 66 323420
Fax:028 66 329356
Our Data Protection Officer is the Education Authority and it monitors the school’s data protection procedures to ensure they meet the standards and requirements of the GDPR]. Please contact the Principal Mrs Sandra Isherwood Data Protection Officer at Jones Memorial Primary School.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. The ICO’s details are as follows:
The Information Commissioner’s Office – Northern Ireland
14 Cromac Place,
Telephone: 028 9027 8757 / 0303 123 1114
HOW DO WE COLLECT AND HOLD PERSONAL INFORMATION?
We collect some personal information about our pupils and their families/carers/legal guardians during a pupil’s application process to the school.
We will sometimes collect additional information from third parties such as the Education Authority, Department of Education, examination board or previous school attended by a pupil.
We mainly collect personal information about our pupils and their families/carers/legal guardians throughout the course of the pupil’s time at the school, for instance when completing educational visit consent forms, from statutory curriculum assessments and throughout our relationship with a pupil when we are exercising our legal obligations as a public educational body and during our pastoral care.
WHAT PERSONAL INFORMATION DO WE COLLECT, STORE AND USE ABOUT OUR PUPILS?
Personal information is information that identifies you and relates to you. We will collect, store and use the following categories of personal information about our pupils:
• Personal information (such as name, age, date of birth, photographs, unique pupil number, ethnicity & religion)
• Contact information (such as address, emergency contact information and telephone number)
• Attendance information (such as sessions attended, number of absences and absence reasons)
• Assessment information (such as statutory assessment process and standardised tests provided by commercial companies)
• Exclusion and behavioural information
• CCTV footage captured in school and other information obtained through electronic means
• Non-sensitive characteristic data (such as free school meal eligibility)
• Special categories of data (such as ethnicity, language, country of birth, nationality, information regarding health, special educational needs, allergies and disability).
WHAT PERSONAL INFORMATION DO WE COLLECT, STORE AND USE ABOUT OUR PUPILS’/ PARENTS/FAMILIES/CARERS/LEGAL GUARDIANS?
We will collect, store and use the following categories of personal information about our pupils’/parents/families/carers/legal guardians:
• Personal information (such as name, age, date of birth and photographs)
• Contact information (such as address and telephone number)
• Financial information (such as bank account details and payment history)
• CCTV footage captured in school and other information obtained through electronic means
WHY DO WE COLLECT, STORE AND USE THIS INFORMATION?
We will only use personal information when the law allows us to. Most commonly, we will use personal information relating to our pupils and their parents/families/carers/legal guardians where we need to comply with our legal obligations and where it is needed in the public interest for us to exercise our authority as a public educational body.
In some cases we may use personal information where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, the school has a legitimate interest in providing pupils with an education, safeguarding and promoting pupil welfare, facilitating the efficient operation of the school.
We may also use your personal information, less frequently to protect a pupil’s or their family’s interests (or someone else’s interests). For example, when investigating a complaint made by another pupil.
We keep personal information electronically on the School’s information management systems, the School’s IT network, or manually in indexed filing systems.
Situations in which we will use personal data, including special category data, include:
• Teaching & Learning
o to monitor and report on pupil progress
o to provide appropriate pastoral care
• Statutory Returns
o to monitor equal opportunities
• Safeguarding & Child Protection
o to safeguard pupils
o to manage a pupil’s absence
o to comply with health and safety obligations
o to comply with the law regarding data sharing
• Business Continuity
o to assess the quality of our services
• Access to Systems
o to support pupil learning
o to foster links between the school and the local community, including fundraising events
• Sound Financial Management
o to provide more efficient means of payment for school facilities such as catering services
Whilst the majority of the personal data provided to the school is required for us to comply with our legal obligations, some of that information is provided on a voluntary basis through parental consent (namely, a parent’s/carer’s/legal guardian’s express agreement). A pupil aged 13 or over is considered capable of giving consent themselves and will not require express agreement from a parent/carer/legal guardian.
Where we need consent, for example fingerprint access, the school will provide the person with parental responsibility for a pupil or, if aged 13 or over, the pupil themselves, with a specific and clear notice which explains the reasons why the data is being collected and how the data will be used. You should be aware if you do not consent to our collection of this type of data, this will not affect the standard of education we deliver to the pupil.
If we ask for your consent to use personal information, you can take back this consent at any time. Please contact the school if you would like to withdraw any consent you have given.
Please be aware that we do not need to obtain parental consent if personal data is to be processed for the purposes of obtaining counselling services for the child.
HOW LONG IS DATA STORED FOR?
We will only keep personal information for as long as necessary to fulfil the purposes we collected it (for example, to educate and look after pupils) and including for the purposes of satisfying any legal, accounting, or reporting requirements.
We do not store personal data forever; we only hold pupil and family data for as long as we are legally able to do so. However, sometimes we will keep personal information for historical reasons (e.g. year group or sports team photographs) but you will always have a right to ask for it to be destroyed.
This is a link to the Department of Education Document Retention and Disposal Policy which can be found at https://www.education-ni.gov.uk/publications/disposal-records-schedule.This will give you more information about how long we keep personal information.
In determining the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a need to know. They will only process personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator (currently the Information Commissioner’s Office) of a suspected breach where we are legally required to do so.
WHO WE SHARE PUPIL INFORMATION WITH
We may have to share pupil and their family’s data with third parties, including third-party service providers and other bodies such as:
• the new school/s that the pupil attends after leaving us
• the Department of Education
• the Education Authority for Northern Ireland
• Northern Ireland Council for Curriculum Examinations and Assessments
• The Board of Governors
• General Teaching Council for Northern Ireland
• Post-Primary School Pupil Movement Information (transfer, CTF & CFER)
• Middletown Centre for Autism
• Exceptional Circumstances Body
• Department of Health and Health & Social Care Trusts
• C2K School Management Information System
• Data Systems such as [e.g. Doddle, See-Saw, MLS
• Accelerated Reader, Mathletics, Education City
• Examination Boards such as AQA, CCEA and Excel
• Commercial standardised test providers
Why we share pupil information
We do not share information about our pupils with anyone without consent unless the law and our policies allow us to do so. We only permit access to personal data for specified purpose and in accordance with our instructions.
We are required to share pupils’ data with the Department of Education and/or the Education Authority on a statutory basis. This data sharing underpins school funding and educational attainment policy and monitoring. We also share information with the NHS or a pupil’s destination upon leaving school.
The Department of Education has a legal right to ask for particular information under the Education and Libraries (NI) Order 2003 and is referred to as the “School Census”. This information includes information on pupil characteristics such as date of birth, gender, ethnicity, religion, free school meal entitlement and special educational needs status. A number of statistical releases are made available through the Department of Education website covering data on enrolments, participation rates, pupil teacher ratios, school leavers, attendance and school performance
TRANSFERRING DATA OUTSIDE THE EU
We will not transfer the personal information we collect about you to any country outside the EU without telling you in advance that we intend to do so and what steps we have taken to ensure adequate protection for your personal information in those circumstances.
YOUR RIGHTS OF ACCESS, CORRECTION, ERASURE AND RESTRICTION
Under GDPR, pupils/parents/families and carers have the right to request access to information about them that we hold. To make a request for your personal information, or be given access to your child’s educational record, contact the Principal, Mrs S Isherwood.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Under certain circumstances, by law a parent/carer/legal guardian or a child over the age of 13 has the right to:
· Request access to personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and your child and to check that we are lawfully processing it. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
· Request correction of the personal information that we hold about you and your child. This enables you to have any incomplete or inaccurate information we hold corrected.
· Request erasure of personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
· Object to processing of personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing you and your child’s personal information for direct marketing purposes.
· Request the transfer of your personal information to another party, for instance a new school.