That’s why SWGfL has partnered with Firebird to offer a service customised to the needs of schools, as an affordable price point. From a fully outsourced service, to a pay-as-you go offering, we’re here to help you. A list of what you can already use and guidance on how to get new services approved is available on the ISD website. Work is stored securely, under the same agreement that covers our other Microsoft products.

Before you use a cloud service, you should know what kind of data you’re going to store, or share and who is responsible it. We’ve changed our service offer for schools as we know that for some schools, your Data Protection Officer may be someone you’ve appointed from within. We understand the challenges DPOs face when juggling their DPO duties alongside their other roles, whilst at the same time keeping up to date with their knowledge of the GDPR legal requirements. We never share an individual’s information with any third parties for the purpose of direct marketing. When this is needed information may be transferred to countries or territories around the world. However any transfers must be made in full compliance with all aspects of the Data Protection Act.

Cantium’s DPOs have a wealth of proven experience in supporting over 250 schools. Our latest survey showed 94% of customers are ‘extremely satisfied’ with the service. Utilising our expert advice and guidance, you can be confident in resolving any compliance challenges that come your way.

You mustn’t use consumer cloud services for personal data unless you’ve both sought the necessary authorisation and consulted Legal Services. Provided by a specialist education Data Protection Officer (DPO) with over 20 years experience and holding a Masters Degree in data protection laws. Be assured that you will receive outstanding, education focussed, service and support. Testimonials from schools demonstrate just how valuable Firebird’s support is. We ensure that our organisation treats personal information lawfully and fairly in line with our data protection policy and privacy policy.

This policy will apply to all such processing activities regardless of where the processing takes place or the nationality of the individuals involved. All processing of personal data undertaken by the University must conform to this Policy and guidance produced by the UK Supervisory Authority, the Information Commissioner’s Office. The legal basis for the processing of data for these purposes is that the NHS is an official authority with a public duty to care for its patients, as guided by the Department of Health and data protection laws. It is appropriate to do so for health and social care treatment of patients and the management of health or social care systems and services.

Privacy By Design

If you would like to learn more about our GDPR Support Desk, book a chat with a member of our team and we can talk through the many ways we can support you. Breaches are punishable by very significant fines of up to £17.5 million or 4% of global annual turnover, whichever is higher. itservice-datenschutz may be disclosed to the police if requested under a court order by a judge.

Global Privacy Program Management

Many cloud services are based outside the European Economic Area (EEA) and if you’re sticking any personal data there you’ll need to consider the GDPR (General Data Protection Regulation). This doesn’t prevent you from using them, but it does mean you need to go the extra mile to apply an adequate level of security. Consumer cloud services are usually fine for public data and for most internal data.

Our team consists of industry certified and experienced privacy leaders, consultants, and project managers. We help embed privacy and data protection at the heart of the organization’s culture and operations. Revenues data, which includes Council Tax and Business Rates information, may also be provided to, and used for checks with other Council departments where it is needed by them to carry out their functions. For example, data can be used to help identify properties that have been empty for a while to encourage owners to bring them back into use and schools may also check Council Tax records where there are enquiries relating to pupil admissions. Customer names and contact addresses are also being held by Doncaster Council for the introduction of a single customer account.

Children’s Social Care Information

Contact us now for a friendly, no-obligation discussion or to request more information about our outsourced DPO or GDPR compliance services. We’re in London, Southampton, the Midlands and North West and support clients across the UK and globally. Personal data can also include special categories of data such as information relating to an individual’s ethnicity, health and sexual orientation. There are stricter rules governing how special category data is obtained and used by organisations, due to the sensitivity of the information.

The information is not shared with anyone outside of London Nightline before, during or after the recruitment drive. Any service data about service users, which we pass onto the Nightline Association for statistical analysis, remains anonymous and is therefore not considered personal data under GDPR. The caller’s IP address and email are stored in the back-end of our parent organisation, the Nightline Association for 30 days before being deleted. Volunteers at London Nightline cannot access this information, and the Nightline Association does not access the databases, except in exceptional circumstances where system administrators must undertake system maintenance. The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or the government.