We provide a wide range of documents for education establishments available to purchase individually or as bundles. 

Document Name

Document Description

Price document based on template

plus VAT

Privacy Notice for Younger Pupils (aimed at parents / carers)

Contains the privacy information you are required to provide by A.13/14 UK GDPR specifically for your younger pupils

£300

Privacy Notice for Older Pupils

 

Contains the privacy information you are required to provide by A.13/14 UK GDPR specifically for your older pupils age 13 and above. Written in age appropriate language and designed to be in the spirit of The Children’s Code (or Age Appropriate design Code)

£300

Privacy Notice for Parents and Carers

 

 

£300

Privacy Notice for Staff

 

 

£300

Staff Data Protection Policy

 

 

£300

Information Security Policy

 

 

£300

BYOD Policy

Essential if you permit your staff to work from any personal device including simply checking their work emails from a personal smartphone

£300

Policy on the Use of Images and Video and Template Consent Forms

 

Essential if you use pupil images or video on your website, social networking platform, for marketing, development and fundraising etc. and regardless of which legal basis you rely on.

£500

Retention and Deletion Policy

Our template Retention and deletion Policy will help you comply with the Storage Retention Principle under GDPR and also has regard to the IICSA instruction regarding the preservation of all records relating to the care of children so that they remain available for
inspection by the Inquiry.

 

£300

Biometrics Policy and Template Biometrics Consent Form

If you deploy biometrics (e.g. for cashless catering, library book borrowing, building access etc.) you need to obtain consent to comply with the Protection of Freedoms Act (POFA) and provide full transparency information to comply with GDPR.

£500

Freedom of Information Policy/Environmental Information Regulations Policy

 

 

£300

FOI Publication Scheme

A statutory requirement for public authorities.

£300

Subject Access Request Policy

 

Subject Access Requests (SARs) are a drain on your organisation’s time and resources. This policy will help manage potential requester’s expectations and also serve as an internal “route map” to managing a SAR.

£300

Template Record of Processing Activities (ROPA)

A ROPA is a statutory requirement of the GDPR. This one is specifically designed for educational establishments.

£200

Data Breach Log

 

GDPR requires you to document all personal data breaches, regardless of whether they need to be reported to the ICO or not. This serves as your statutory record.

£200

Data Breach Protocol

 

To help you comply with the GDPR Accountability principle and manage a personal data breach.

£300

Template Data Protection Impact Assessment (DPIA) and Guidance

DPIA’s are required to be carried out in many cases. This template DPIA can be used time and again. The Guidance will explain when you must carry out a DPIA and when the ICO guidance suggests a DPIA should be carried out.

£300

Pre-Contract Due Diligence Questionnaire

For use when contracting with a data processor e.g. data destruction company, mail fulfilment, IT company. GDPR requires you to check your processors before you contract with them. This template questionnaire is detailed enough to be adapted to suit multiple scenarios. See how you prospective contractors “measure-up” before you sign on the dotted line.

 

£250

Template Data Processing Agreement plus Guidance

GDPR requires a written contract to be put in place between a Controller and Processor containing specific contract clauses and imposing contractual obligations on the Processor. This template is drafted “pro-Controller).

£600

 

Discounted Bundles are available, see information below. 

Please call to discuss bundles or documents.

Policy Bundles

 

 

 

Document Name

Document Description

Price document based on template

plus VAT

Privacy Notice for Younger Pupils (aimed at parents / carers)

Contains the privacy information you are required to provide by A.13/14 UK GDPR specifically for your younger pupils

£300

Privacy Notice for Older Pupils

 

Contains the privacy information you are required to provide by A.13/14 UK GDPR specifically for your older pupils age 13 and above. Written in age appropriate language and designed to be in the spirit of The Children’s Code (or Age Appropriate design Code)

£300

Privacy Notice for Parents and Carers

 

 

£300

Privacy Notice for Staff

 

 

£300

 

Document Name

Document Description

Price document based on template

plus VAT

Staff Data Protection Policy

 

 

£300

Information Security Policy

 

 

£300

BYOD Policy

Essential if you permit your staff to work from any personal device including simply checking their work emails from a personal smartphone

£300

Policy on the Use of Images and Video and Template Consent Forms

 

Essential if you use pupil images or video on your website, social networking platform, for marketing, development and fundraising etc. and regardless of which legal basis you rely on.

£500

Retention and Deletion Policy

Our template Retention and deletion Policy will help you comply with the Storage Retention Principle under GDPR and also has regard to the IICSA instruction regarding the preservation of all records relating to the care of children so that they remain available for
inspection by the Inquiry.

 

£300

Biometrics Policy and Template Biometrics Consent Form

If you deploy biometrics (e.g. for cashless catering, library book borrowing, building access etc.) you need to obtain consent to comply with the Protection of Freedoms Act (POFA) and provide full transparency information to comply with GDPR.

£500

 

Document Name

Document Description

Price document based on template

plus VAT

Freedom of Information Policy/Environmental Information Regulations Policy

 

 

£300

FOI Publication Scheme

A statutory requirement for public authorities.

£300

 

Document Name

Document Description

Price document based on template

plus VAT

Data Breach Log

 

GDPR requires you to document all personal data breaches, regardless of whether they need to be reported to the ICO or not. This serves as your statutory record.

£200

Data Breach Protocol

 

To help you comply with the GDPR Accountability principle and manage a personal data breach.

£300

 

The law and practice referred to in this article or webinar has been paraphrased or summarised. It might not be up-to-date with changes in the law and we do not guarantee the accuracy of any information provided at the time of reading. It should not be construed or relied upon as legal advice in relation to a specific set of circumstances.