You are here:

Last updated on 4 May 2018
Ref: 34596
School types: All · School phases: All

As a MAT, you're the legal entity responsible for data processing across your schools, and so the responsibility for GDPR compliance sits with you. Here are the steps you now need to take to get your trust ready.

Article tools


  1. What your role as data controller means
  2. Who will be your data protection officer?
  3. Centralise your privacy notices and policies
  4. Review your centralised systems
  5. Put in place measures at school level

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence.