The General Data Protection Regulation (GDPR) is a piece of legislation that determines how people's personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.

For the purposes of GDPR The Elliot Foundation Multi Academy Trust is the 'data controller'. The Data Protection Officer for the trust is Jem Shuttleworth who can be contacted on

Each of our academies is a 'data processor' with a named Local Compliance Officer and their details can be found on the academy website alongside being referenced in each of the Privacy Notices.

Across the trust we work to identify and monitor the use of personal data, to undertake the necessary processes for auditing and assessing risk and to ensure that policies are in place to support our schools to sustain compliance.

GDPR & IT Policies

Puzzle piece

Data Protection Policy

This policy regulates the way in which The Elliot Foundation Academies Trust obtains, uses, holds, transfers and otherwise processes personal data about individuals and ensures all of its employees know the rules for protecting personal data.