E-Safety and GDPR

At Kelmscott, we work to ensure students know what they need to do to stay safe using computers, mobile phones and other electronic devices. This is called e-safety. The links have been designed to help parents and carers support our work and ensure that all young people in our care use technology responsibly and stay safe when they are online.

What to do if you believe your child is a victim of cyberbullying?

Cyberbullying, like any other type of bullying, is not tolerated at Kelmscott School. If you feel your child has been a victim of cyberbullying, please contact their Head of Year. If possible, keep evidence of what has happened. Your child's Head of Year can advise you on how to do this.

How to start a conversation about E-Safety with your child?

Talking to your child about E-Safety work they have done at school is a good way to find out what they know about staying safe on the internet. E-Safety week takes place every year at school assemblies address digital footprints, how to stay safe online and cyberbullying. You could start a conversation by asking, 'What did you learn from the E-Safety assembly?' or 'What have you learned about E-Safety in your ICT lessons?'.

Bedtime and safety advice

In order to learn effectively, young people need a good night's sleep. We advise parents to make sure that their children are not using electronic equipment  (e.g. computer games, games consoles,  tablets, laptops, and mobile phones) when they should be sleeping. Mobile phones constantly send out electromagnetic signals whether or not they are being used to make calls. As their brains are still developing, young people should not sleep with mobile phones under their pillows, or near their heads. Neither should they use phones or portable devices whilst they are plugged into the mains.

GDPR at Kelmscott

General Data Protection Regulation (GDPR)


The General Data Protection Regulation (GDPR) is a piece of EU-wide legislation that will determine how people’s personal data is processed and kept safe, and the legal rights individuals have in relation to their own data.

The GDPR is similar to the Data Protection Act (DPA) 1998 (which schools already comply with) but strengthens many of the DPA’s principles.

‘Personal data’ means information that can identify a living individual.

The regulation will apply to all schools from 25 May 2018 and will apply even after the UK leaves the EU.


The GDPR sets out the key principles that all personal data must be processed in line with.

For all data processing activity we do under the GDPR, we must identify a lawful basis.  Our school processes most personal data in order to comply with our statutory obligations but in some cases, we need to obtain consent to process data. This consent must be freely given, specific, informed and unambiguous.

Examples where we WILL NOT need to seek consent

  • Sharing child protection concerns and records with the appropriate people or agencies

  • Submitting data to the Department for Education

  • Sharing assessment data with other schools and examining bodies.

Examples where we WILL need to seek consent

We only need consent in situations where none of the other lawful bases applies. Examples where we will need consent include:

  • Using photographs or videos of pupils on our school’s website or other promotional material

  • Sending marketing material to prospective parents

If we seek consent and you’re not happy to give it or you change your mind, that’s no problem – we will accommodate your preferences. Please use the link below to update your preferences.

We hold student data for varying lengths of time depending on what the information is. The specified periods we hold school data is in accordance with the Information and Records Management Policy, which is accessible below.