We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.

(1) What information do we collect?

We may collect, store and use the following kinds of personal data:

1.Information about your visits to and use of this website;

2.Information about any transactions carried out between you and us on or in relation to this website;

3.Information that you provide to us for the purpose of registering with us, and/or leaving guestbook comments, and/or subscribing to our website services and/or email notifications.

(2) Information about website visits

We may collect information about your computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. We may use this information in the administration of this website, to improve the website's usability, and for marketing purposes.

We use cookies on this website. A cookie is a text file sent by a web server to a web browser, and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

We may send a cookie which may be stored by your browser on your computer's hard drive. We may use the information we obtain from the cookie in the administration of this website, to improve the website's usability and for marketing purposes. We may also use that information to recognise your computer when you visit our website, and to personalise our website for you.

Most browsers allow you to refuse cookies. (For example, in Internet Explorer you can refuse all cookies by clicking "Tools", "Internet Options", "Privacy", and selecting "Block all cookies" using the sliding selector.) This will, however, have a negative impact upon the usability of many websites.

(3) Using your personal data

Personal data submitted to this website will be used for the purposes specified in this privacy policy or in relevant parts of the website. In addition to the uses identified elsewhere in this privacy policy, we may use your personal information to:

1.Improve your browsing experience by personalising the website;

2.Provide other organisations with statistical information about our users - but this information will not be used to identify any individual user.

We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.

(4) Other disclosures

In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this privacy policy, we may disclose information about you:

1.To the extent that we are required to do so by law;

2.In connection with any legal proceedings or prospective legal proceedings;

3.In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);

4.Except as provided in this privacy policy, we will not provide your information to third parties.

(5) Security of your personal data

We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. 

(6) Policy amendments

We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. 

(7) Third party websites

The website contains links to other websites. We are not responsible for the privacy policies of third party websites.

(8) Our contact details

Please see above for our contact details.

This Privacy Policy is based on a freely-available template created and distributed by

Website Disclaimer

(1) Introduction

This disclaimer governs your use of our website; by using our website, you accept this disclaimer in full. If you disagree with any part of this disclaimer, do not use our website. 

(2) Intellectual property rights

Unless otherwise stated, we or our licensors own the intellectual property rights in the website and material on the website. Subject to the licence below, all our intellectual property rights are reserved. 

(3) Licence to use website

You may view, download for caching purposes only, and print pages from the website, provided that:

1.You must not republish material from this website (including republication on another website), or reproduce or store material from this website in any public or private electronic retrieval system;

2.You must not reproduce, duplicate, copy, sell, resell, visit, or otherwise exploit our website or material on our website for a commercial purpose, without our express written consent.

(4) Limitations of liability

The information on this website is provided free-of-charge, and you acknowledge that it would be unreasonable to hold us liable in respect of this website and the information on this website. 

Whilst we endeavour to ensure that the information on this website is correct, we do not warrant its completeness or accuracy; nor do we not commit to ensuring that the website remains available or that the material on this website is kept up-to-date.

To the maximum extent permitted by applicable law we exclude all representations, warranties and conditions (including, without limitation, the conditions implied by law of satisfactory quality, fitness for purpose and the use of reasonable care and skill).

Our liability is limited and excluded to the maximum extent permitted under applicable law. We will not be liable for any direct, indirect or consequential loss or damage arising under this disclaimer or in connection with our website, whether arising in tort, contract, or otherwise - including, without limitation, any loss of profit, contracts, business, goodwill, reputation, data, income, revenue or anticipated savings. 

However, nothing in this disclaimer shall exclude or limit our liability for fraud, for death or personal injury caused by our negligence, or for any other liability which cannot be excluded or limited under applicable law. 

(5) Variation

We may revise this disclaimer from time-to-time. Please check this page regularly to ensure you are familiar with the current version.

(6) Entire agreement

This disclaimer constitutes the entire agreement between you and us in relation to your use of our website, and supersedes all previous agreements in respect of your use of this website. 

(7) Law and jurisdiction

This notice will be governed by and construed in accordance with English law, and any disputes relating to this notice shall be subject to the exclusive jurisdiction of the courts of England. 

(8) Our contact details

Please see above for our contact details.

This disclaimer is based on a freely-available template created and distributed by


NHS Test & Trace and The Law

The law on protecting personally identifiable information, known as the General Data
Protection Regulation (GDPR), allows Public Health England to use the personal information
collected by NHS Test and Trace

The section of the GDPR that applies is:

Article 6(1)(e) ‘processing is necessary for the performance of a task carried out in the public
interest or in the exercise of official authority vested in the controller’

As information about health is a special category of personal information, a further section
of the GDPR applies:

Article 9(2)(i) ‘processing is necessary for reasons of public interest in the area of public
health, such as protecting against serious cross-border threats to health or ensuring high
standards of quality and safety of healthcare’

Public Health England also has special permission from the Secretary of State for Health and
Social Care to use personally identifiable information without people’s consent where this is
in the public interest. This is known as ‘Section 251’ approval and includes the use of the
information collected by NHS Test and Trace to help protect the public from coronavirus.

The part of the law that applies here is Section 251 of the National Health Service Act 2006
and the associated Health Service (Control of Patient Information) Regulations 2002.

Covid 19 Privacy Notice

This Privacy Notice has been written to inform pupils, parents and staff of Joseph Locke Primary School about how we are using your information in light of the measures that have been introduced in response to the Coronavirus (COVID-19) pandemic.

This Privacy Notice should be read in conjunction with our standard Pupils and Parents, and Employees Privacy Notices.

Who are we?

Joseph Locke Primary is a ‘Data Controller’ as defined by Article 4 (7) of GDPR. This means that we determine the purposes for which, and the manner in which, your personal data is processed. We have a responsibility to you and your personal data and will only collect and use this in ways which are compliant with data protection legislation. 

 What information are we collecting?

The categories of information that we collect, hold and share include the following:

  • Basic personal information (e.g. name, pupil number, DOB and address) (pupils, parents and staff)
  • Safeguarding information (pupils)
  • Job role and evidence of employment in this role (parents)
  • Attendance information (pupils and staff)

We will also process information which may include ‘special category’ data about our pupils including:

  • Information which identifies children that are ‘vulnerable’ (those who have a social worker, such as children in the care of the Local Authority and those children and young people up to the age of 25 with education, health and care (EHC) plans)
  • Relevant medical information (pupils and staff)

Why do we process your personal data?

We are processing this information to facilitate the provision of care for vulnerable children and the children of critical workers. 

This involves:

  • Processing pupil information to facilitate their learning and meet any care requirements that they have. 
  • Processing parents’ employment information to confirm their status as a critical worker.
  • Processing the information of staff members who have been redeployed in order to meet resourcing needs. 

Any personal data that we process about our pupils and parents is done so in accordance with Article 6 and Article 9 of GDPR:

Article 6 (c) legal obligation Article 6 (d) public task Article 6(b) contract (for staff)

 Article 9 (b) Employment, social security and social protection (for staff) Article 9 (g)

Reasons of substantial public interest 

Please refer to our standard Pupils and Parents and Employees Privacy Notices information about the lawful basis we rely upon to process your data.

Who do we obtain your information from?

Much of the information we process will be obtained directly from you. We will also process

information received from:

  • Department for Education (DfE)
  • Local Education Authority. If your child is attending our school as a result of the COVID-19 pandemic response and your child’s previous school was in a neighbouring LEA, then we may need to obtain information from this LEA.
  • Previous schools attended

Who do we share your personal data with?

We are obliged to share attendance data with the Department for Education during this time. The following information will be shared: 

  1. The names of all children who are in attendance on each day 
  2. If the child is not enrolled at your school, the name of the school where the child is enrolled 
  1. Whether the child is present on each day  
  2. Whether the child has parents who are critical workers 
  3. If the child is vulnerable e.g. they have on an education health and care plan (EHCP), have a social worker (CiN), or are looked after children
  1. If the child is on an EHCP
  2. If the child has a social worker 
  3. The time the child signed into the school 
  4. The time the child signed out of the school 
  5. The number of children or staff members that are ill, isolating, shielding and whether there is a suspected or confirmed case of COVID-19.
  1. The number of children or staff members who have been asked to self-isolate by the NHS Test and Trace system.
  1. The number of children or staff members living with a clinically extremely vulnerable person.

We may also be required to share information with neighbouring Local Education Authorities if your child is attending our school as a result of the COVID-19 pandemic response and your child’s previous school was in a neighbouring LEA.

For further details about who we share information with, please see our full Pupil and Parents and Employees Privacy Notices.  

How long do we keep your personal data for?

We will only retain your data for as long as it is necessary to do so. In respect of parents, we will not retain a copy of the evidence that you provide to us to prove that you are a critical worker. 

For further details about retention of your data, please refer to our full Pupils and Parents

and Employees Privacy Notices.

What rights do you have over your data?

Under GDPR data subjects have the following rights in relation to the processing of their

personal data:

  • to be informed about how we process your personal data. This notice fulfils this obligation
  • to request access to your personal data that we hold, and be provided with a copy of it
  • to request that your personal data is amended if inaccurate or incomplete
  • to request that your personal data is erased where there is no compelling reason for its continued processing
  • to request that the processing of your personal data is restricted
  • to object to your personal data being processed


If you have any concerns about the way we have handled your personal data or would like any further information, then please contact our DPO at the school.

We use cookies on our website to ensure that your time on our site is better. Please read our privacy policy to learn more or change your browser settings.