We at The Education Space are committed to high standards of information security which includes privacy and transparency.

We have sought sustainable compliance through policies, awareness and managing risk including breach reporting, Data Protection Impact Assessments (DPIAs), Data Security Policy, Privacy Notices, Subject Access Request Procedures and Retention of records policy.

Data items which we process have been documented in an information asset register. Analysis has been conducted to document how this information is being processed, stored, retained, deleted and the purpose.

Existing contracts for staff, suppliers and schools are continuously being reviewed to ensure compliance with the UK GDPR. In terms of security measures, The Education Space applies appropriate security measures based on the ISO27001 standard.

We have appointed a Data Protection Officer who will inform, advise, and monitor compliance. The Education Space will implement tools as appropriate that support the process, provide necessary security and ongoing delivery of objectives.

All our staff have received training which evidences a good level of understanding of data protection legislation and best practice. Our approach is to continuously raise awareness to ensure data protection is embedded within the organisation.

If you have any questions about our compliance with the UK GDPR, please contact theeducationspace.co.ukdpo@npw.uk.com.