Let me start with a little story. Picture this: a well-meaning school rolls out a shiny new classroom app. It promises real-time behaviour tracking, AI-generated performance reports, and parental push notifications. Everything’s going swimmingly until a parent complains. Loudly. They’re uncomfortable with how much data the app’s collecting on their child. A few emails later, […]
It’s that time of year again; when we pull back the curtain and let you in on everything we’ve been working on to make your Sentry System stronger, smarter, and even more aligned with your GDPR compliance needs. This past year, our focus has been on refining the tools that matter most to you: improving […]
Let’s be honest: when most of you became educators, you dreamed of inspiring minds, not mastering the fine print of data protection law. But here you are, in a post-GDPR, post-DUAA world, where understanding the “lawful basis for processing” is as crucial as remembering to take the register. The good news? While the Data (Use […]
September marks the start of a new school year and with it, we often see an influx of FOI requests. It usually starts with an email. The subject line is polite, official (possibly even a little dry): “Request under the Freedom of Information Act 2000.” You open it, wondering if it’s a mistake. It’s not. […]
When I first mention a RoPA to staff in schools or multi-academy trusts, I usually get one of three responses: A) a knowing sigh, B) a panicked blink, or C) a hopeful, “Is that the thing we can outsource?” The truth is, a Record of Processing Activities (RoPA) sounds more bureaucratic than it actually is. […]
It begins with a simple email. “Dear Office, I’m concerned about the data collected by the new homework app. Could you let me know what’s being stored about my daughter, and whether we can opt out?” At first glance, your school administrator treats it as a routine enquiry. A parent, understandably cautious. The message gets […]
Imagine it’s a rainy Thursday afternoon. You’ve just finished playground duty and you’re halfway through a lukewarm coffee when the email pings into your inbox. It’s a Subject Access Request (SAR), and not just any SAR, it’s one of those SARs: someone wants “all the information you hold about them.” Cue internal screaming. But don’t […]
On the 19th of June 2025, the Data Use and Access Act (commonly known as the DUAB or DUA Bill) officially received Royal Assent, marking a significant update to the UK’s data protection framework. While it doesn’t entirely rewrite GDPR, it does bring a number of key changes that educational institutions need to be aware […]
Picture this, a student who left school years ago reaches out with a request. They’d like their personal data removed from your records. Not just from the admissions system, but everything; emails, reports, maybe even that long-forgotten incident log from Year 9. They’ve moved on and want their past to do the same. It’s a […]
In a quiet primary school on the edge of town, a well-meaning teaching assistant printed a spreadsheet containing student health details. He left it in the staffroom just for a moment while making a cup of tea. When he returned, the document had vanished. It later turned up, crumpled and smudged with jam, in the […]