top of page

GDPR Information

GDPR - What does it mean?


On May 25th 2018 the General Data Protection Regulation will come into effect across the EU. It is a new law that is being implemented in exactly the same way across all EU countries to create a level set of rules to ensure all data held and processed by organisations within the EU is secure and processed lawfully.

For further information about GDPR, please click here to visit the ICO website


Public organisations, schools (and academies) are required to comply with GDPR. At Herbert Thompson Primary School we have been working on our GDPR readiness since December 2017. To give you an idea, in preparation we have:

  • Made everyone on the staff aware – all the way up to our governors.

  • Been on training courses

  • Have explored how we can monitor data protection across the schools within the Cardiff area


The process of becoming fully GDPR compliant will be a long one because it affects all aspects of the school. We do already have strong Data Protection policies and protections but these now all need to be updated in line with GDPR.


We are working on our practice to ensure that GDPR  is central to our day-to-day culture. We already highly value and protect all of our pupil, parent and staff data and will continue to do so in the presence of GDPR.


As a parent/carer you may receive some letters from us regarding GDPR. Some of those may be about consent and some about updating your information with us. Please do read and send back everything you receive.

GDPR Documents for Parents:


          HTPS GDPR Parental Consent Form                    HTPS Data Protection Policy


bottom of page