The General Data Protection Regulation (GDPR) is an EU regulation that came into force on 25th May 2018. Following the UK withdrawal from the EU, the UK adopted the regulation to create the UK GDPR from 1st January 2021.  The regulation puts individuals in control of their personal data, allowing them to choose how (and whether) businesses use their data.

The GDPR provides the following rights for individuals:

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling

To see how we use your information, please refer to the Trust Privacy Notices, our Data Protection Policy is available on request. 

If you have any queries in relation to the way the Smart Multi Academy Trust meets the requirements of the GDPR or wish to exercise your rights under the UK GDPR, please contact our Data Protection Officer (DPO). Freedom of Information or Right to Access (Subject Access Requests) should also be directed to the DPO.

The Trust DPO can be contacted at dpo@smartacademies.net

ICO Registration