The General Data Protection Regulation (GDPR) provides a modernised, accountability-based compliance framework for data protection in Europe. It is intended to strengthen privacy rights in relation to personal information. The accountability principle in Article 5(2) of the GDPR requires data controllers to demonstrate that they comply with the good practice principles set out in the Regulation, and states explicitly that this is their responsibility. The school is the data controller of the personal information you provide to us. Further information about the new law can be found on the Information Commissioners website. Please click here for this information.