You are here:

Last updated on 31 October 2017
Ref: 34119
School types: All · School phases: All

Here's what you need to do to make sure your school is compliant with the GDPR, in force since 25 May 2018.

Article tools


  1. Tell key people the law has changed
  2. Identify what data you hold, and why you hold it
  3. Appoint your data protection officer 
  4. Include certain information in your privacy notices
  5. Review your data processing procedures
  6. Include certain information in your contracts with suppliers
  7. Monitor your progress towards compliance

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence.