General Data Protection Regulation – GDPR

On Friday 25th May 2018 the General Data Protection Regulation (GDPR) legislation came into force. This was introduced to update the previous Data Protection Act 1998, strengthen and unify protection for all EU individuals.

At St Joseph’s we take the security of our staff and student’s personal data very seriously. All of our data is processed lawfully, fairly and in a transparent manner. When required, consent has been given by all staff and parents or guardians of students to keep with legitimate reason. This data is kept and only shared in order for us to perform our official duties as a school, college and supported living organisation. We do not retain data for longer than necessary or unnecessarily share information. We do not use individual personal data for fundraising or marketing purposes.

On this website you will find two privacy notices, one for our workforce and one for our students, and also our Data Protection Policy. Please take time to read these. If you have any further queries please contact our Data Protection Officer using the email and the independent Data Protection Officer at

Privacy Notice – Workforce

Privacy Notice – Students and Tenants

GDPR & Data Protection Policy

Subject Access Request (SAR) Letter