Kyra Teaching School are designated as a teaching school with Mount Street Academy as the Lead School, Mount Street Academy is part of CfBT Schools Trust.
We, CfBT Schools Trust are the ‘data controller’ for the purposes of data protection law.
CfBT Schools Trust data protection officer is Claire Wilkins. We also have a Kyra data protection lead (see ‘Contact us’ below).
The personal data we hold
We process or temporarily store personal data that you:
- Chose to send to us via an online form
- Information contained in or relating to any communications that you send to us or send through our website (including the communication content) via online forms or through the online forums within the website
- Information about your computer and about your visits to and use of our services.
Personal data that we may collect, use, store and share (when appropriate) about you includes, but is not restricted to:
- Name, organisation and job title
- Contact information including email address
- Demographic information such as postcode, preferences and interests
- Other information relevant to you engaging in working with Kyra Teaching School.
Why we use this data
The purpose of processing this data is to help us run the teaching school effectively, including
- To enable efficient communication with people who choose to engage with the teaching school
- To promote and share the activity of the teaching school, we may contact you to promote activities, and opportunities that we believe may be of interest to you
- To review the way in which you use the website and how effective our website and communication systems are
- For the purpose of allowing you access to restricted areas within the website.
Our lawful basis for using this data
We only collect and use personal data about you when the law allows us to. Most commonly, we use it where
- you have given us consent to use it in a certain way
- legitimate interests namely the proper administration of our website and business and communications with users.
Where you have provided us with consent to use your data, you may withdraw this consent at any time. We will make this clear when requesting your consent, and explain how you go about withdrawing consent if you wish to do so.
Some of the reasons listed above for collecting and using personal information about you overlap, and there may be several grounds which justify the teaching school’s use of your data.
How we store this data
We are committed to ensuring that your information is secure. In order to prevent unauthorised access, alteration or disclosure, we have put in place suitable physical, electronic and organisational procedures to safeguard and secure the information we collect online.
Please let us know if the personal information that we hold about you needs to be corrected or updated.
Retention of data
Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Third party websites
Our website includes hyperlinks to, and details of, third party websites.
We have no control over, and are not responsible for, the privacy policies and practices of third parties.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
- Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
- Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies that we use
(a) to help us to analyse the use and performance of our website and services (cookies used for this purpose are: Google Analytics and
Cookies used by our service providers
_utma This randomly generated number is used to determine unique visitors to our site. It expires after 2 years.
_utmb. This randomly generated number works with _utmc to calculate the average length of time users spend on our site. It expires after 30 minutes.
_utmc This randomly generated number works with _utmb to calculate when you close your browser.It expires when you close your browser.
_utmz This is a randomly generated number and information about how the site was reached (e.g. direct or via a link, organic search or paid search). It expires after 6 months.
We use exp_last_activity so every time the page is reloaded the last activity is set to the current date and time. It is used to determine form or login expiry. This is essential for logged in users to record their data and not lose it as it is being input. The expiry time 12 months.
exp_last_visit Sets the date and time that the you last visited the site. Affects guests and logged in users. The expiry time is 12 months.
exp_tracker Tracks the last 5 pages you viewed and is used primarily for redirection after some actions on the site ie moving back to pages. This affects guests and logged in users. This cookie expires when you leave the site.
We also use exp_csrf_token. This cookie protects against Cross Site Request Forgery (CSRF). A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. It expires from your computer after one hour.
Manage your cookie preferences here
- Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
- Blocking all cookies will have a negative impact upon the usability of many features.
- If you block cookies, you will not be able to use all the features on our website.
We do not share information about you with any third party without your consent unless the law and our policies allow us to do so.
Where it is legally required, or necessary (and it complies with data protection law) we may share personal information about you with:
- the Department for Education
- suppliers and service providers – to enable them to provide the service we have contracted them for
- central and local government
- our auditors
- professional advisers and consultants
- professional bodies.
Transferring data internationally
Where we transfer personal data to a country or territory outside the European Economic Area, we will do so in accordance with data protection law.
How to access personal information we hold about you
Individuals have a right to make a ‘subject access request’ to gain access to personal information that the teaching school holds about them.
If you make a subject access request, and if we do hold information about you, we will:
- give you a description of it
- tell you why we are holding and processing it, and how long we will keep it for
- explain where we got it from, if not from you
- tell you who it has been, or will be, shared with
- let you know whether any automated decision-making is being applied to the data, and any consequences of this
- give you a copy of the information in an intelligible form.
You may also have the right for your personal information to be transmitted electronically to another organisation in certain circumstances.
If you would like to make a request, please contact your school data protection lead, see
Contact Us below.
Your other rights regarding your data
Under data protection law, individuals have certain rights regarding how their personal data is used and kept safe. You have the right to:
- object to the use of your personal data if it would cause, or is causing, damage or distress
- prevent your data being used to send direct marketing
- object to the use of your personal data for decisions being taken by automated means (by a computer or machine, rather than by a person)
- in certain circumstances, have inaccurate personal data corrected, deleted or destroyed, or restrict processing
- claim compensation for damages caused by a breach of the data protection regulations.
To exercise any of these rights, please contact your school data protection lead, see Contact Us below.
We take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.
To make a complaint, please contact the Kyra data protection lead or Trust data protection officer.
Alternatively, you can make a complaint to the Information Commissioner’s Office:
Report a concern online at https://ico.org.uk/concerns/.
Call 0303 123 1113.
Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
If you have any questions, concerns or would like more information about anything mentioned in this privacy notice, please contact:
Kyra data protection lead: Jude smith email@example.com 07769661479 or our
Trust data protection officer: Claire Wilkins, firstname.lastname@example.org, 0118 902 1637.