Skip to content

Administration and finance


All schools and settings in Devon are individually responsible for ensuring that they comply with the requirements of data protection laws such as the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, so it’s important that you understand your obligations in this area.

These compliance pages provide your school or setting with all the information required to comply with the rules and standards expected of your organisation under data protection and information compliance legislation. They contain links to a range of useful resources to support your compliance with the key areas of legislation that apply to schools and education settings.

The UK GDPR is underpinned by seven key principles, which should lie at the heart of your approach to processing personal data;

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability

By following these principles, you will be protecting the confidentiality, integrity and availability of the information you hold as an organisation, as well as meeting your obligations under data protection laws.