Make sure your 'data processors' comply with data protection law
Data processors are third parties that process personal data on your behalf and under your instructions. They may include:
- Payroll providers
- School club providers
You must make sure your data processors comply with the UK General Data Protection Regulation (UK GDPR). See the section below for details on how to do this.
You don't need to do this for 'data controllers'
Data controllers are the main decision-makers, exercising overall control over how the personal data is processed. They may include:
- Awarding bodies
- Other schools or trusts
This information comes from the ICO. Take a look at its guidance if