Skip to content ↓

Thomas Deacon Education Trust

GDPR and Data Protection

GDPR Explained

GDPR is an updated set of rules designed to harmonise data privacy laws across Europe and gives greater protection and rights to individuals. The GDPR implements six principals:

  • Lawfulness, Fairness and Transparency – Organisations must have legitimate reasons for collecting and processing your personal or sensitive data. 

  • Purpose – Organisations should only collect data for a specified, explicit and legitimate purpose

  • Data Minimisation – Organisations should only collect data which is adequate, relevant and limited to what is necessary in relation to the purpose for which they are processed. 

  • Accuracy – Data held by organisations should be accurate and, where necessary, kept up to date. 

  • Retention – Data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purpose for which the personal data is processed. 

  • Security – Data should be processed in a matter that ensures appropriate security of its personal data.

Our Privacy notice provides details about the information we collect, the purpose for which we collect it, any third parties who this may be shared with and how long we will retain it. 

Under the GDPR, there is an enhancement of individuals' rights;

  • The right to be informed – You should know about the collection and use of personal data. 

  • The right of access – You can ask about your personal data we hold in the form of a subject access request (SAR)

  • The right of rectification – You can ask us to correct the information we hold which is incorrect

  • The right to erase – You can have your data removed

  • The right to restrict processing – You can limit what your data is being used for

  • The right to withdraw consent – Where consent has been given, you have the right to withdraw at any time. 

It is important to note: Where organisations have a legitimate purpose for the collection, use, sharing and storage of data, these will therefore overrule individuals' rights and processing can continue. 

Subject access requests (SAR) and Freedom of information (FOI) requests

If you wish to lodge a SAR or FOI with the Academy, please use the links below to submit your request to our DPO. Proof of ID will need to be provided in order for the request to be completed and a response will be issued within one month from the date the request is received.

Reporting a Data Breach

If you believe that your personal or sensitive data has been compromised, please fill in the form by clicking on the Report a Data Breach button below. 

Data Protection Officer

The Data Protection Officer is responsible for overseeing data protection within the Trust. TDET have appointed Judicium to act as our DPO. Should you have any questions, concerns or queries please contact them with the following information:

Data Protection Officer: Judicium Consulting Limited
Address: 5th Floor, 98 Theobalds Road, London, WC1X 8WB
Email: dataservices@judicium.com
Web: www.judiciumeducation.co.uk
Telephone: 0345 548 7000 (Option 1, then 1)

TDET GDPR and Data Protection Policies:

  1. GDPR Jargon Buster
    PDF File
  2. TDET-CCTV-Policy
    PDF File
  3. TDET Data Breach Policy
    PDF File
  4. TDET Data Protection Policy (including SAR appendix)
    PDF File
  5. TDET Data Retention Policy
    PDF File
  6. TDET ICT Acceptable Use Policy and Agreement
    PDF File
  7. TDET Freedom of Information Policy
    PDF File
  8. TDET Privacy Notice for Job Applicants
    PDF File
  9. TDET Privacy notice for Pupils
    PDF File
  10. TDET Privacy Notice for Trustees Governors and Volunteers
    PDF File
  11. TDET Privacy Notice for Visitors and Contractors
    PDF File
  12. TDET Privacy Notice for Staff
    PDF File
  13. TDET Biometrics Policy
    PDF File

Cookie Policy