The General Data Protection Regulation (2016/679 EU) (EU GDPR) is the governing legislation for collecting and processing personal data in the EU. Following the end of the Brexit transition period on 31 December 2020, most of the EU GDPR was retained in UK law by the European Union (Withdrawal) Act 2018. The retained GDPR is known as the "UK GDPR". The UK GDPR is supplemented by the Data Protection Act 2018.


It addresses the transfer of personal data between an individual and an organisation and the responsibilities of that organisation in managing and keeping your data safe. The UK GDPR aims primarily to give control to individuals over their personal data.


Data Protection Officer:


The Data Protection Officer is responsible for overseeing data protection within the School so if you do have any questions in this regard, please do contact them on the information below:


Data Protection Officer: Judicium Consulting Limited

Address: 72 Cannon Street, London, EC4N 6AE Email: Web:

Telephone: 0203 326 9174

Lead Contact: Craig Stilwell


Below are some important documents that outline the School's management of personal data:

Data Protection