Email: schooloffice@whalehill.steelriver.org.uk Tel: 01642 454339

GDPR

What is the GDPR?

The General Data Protection Regulation is a new, European-wide law that replaces the Data Protection Act 1998 in the UK. It places greater obligations on how organisations handle personal data. It came into effect on 25 May 2018.

What information does the GDPR apply to?

The GDPR applies to ‘personal data’, which means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

To find out more information about the new changes, click on the link below.

SRAT Data Protection Policy 2023 – 2025 Download

SRAT Privacy Notice for Pupils 2023 – 2024 Download

Fair Processing Notice 2023 – 2024 Download

Privacy Notice for Volunteers 2023 – 2024 Download

Cookie Policy

This website uses cookies, or tiny pieces of information stored on your computer, to verify who you are when you are logged in to the administration area.

Types of cookies we use

We use the following types of cookies:

strictly necessary cookies – these are essential in to enable you to move around the websites and use their features. Without these cookies the services you have asked for, such as registering for an account, cannot be provided.
functionality cookies – these cookies allow the website to remember choices you make and provide more personal features. For instance, a functional cookie can be used to remember the volume level you prefer to use when watching videos on our websites. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.

First Party Cookies

Provider	Cookie name	Purpose	Further information
Website	ir_test	This tests whether the device is suppressing cookies
Website	cke	This cookie is used to remember whether you wish to view the cookie notice or not.
Google Analytics	_ga _gat_gat_oxRollUpTracker_gat_UA-*****	These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the site from and the pages they visited.	Overview of Google Analytics privacy

E-Commerce Cookies

Cookies are used by WooCommerce in a variety of ways.

Cookies depend on specific features that are enabled on a store. The cookies are active when a user interacts with one of these features or to allow admin functions to be performed from within the store’s dashboard (/wp-admin).

Details are provided in tables below, listing various cookies that are set for users of stores with the WooCommerce plugin installed.

Store front end:

COOKIE NAME	DURATION	PURPOSE
`woocommerce_cart_hash`	session	Helps WooCommerce determine when cart contents/data changes.
`woocommerce_items_in_cart`	session	Helps WooCommerce determine when cart contents/data changes.
`wp_woocommerce_session_`	2 days	Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.
`woocommerce_recently_viewed`	session	Powers the Recent Viewed Products widget.
`store_notice[notice id]`	session	Allows customers to dismiss the Store Notice.

No personal information is stored within these cookies.

Store dashboard (`/wp-admin`):

COOKIE NAME	DURATION	PURPOSE
`woocommerce_snooze_suggestions__[suggestion]`	2 days	Allows dashboard users to dismiss Marketplace suggestions, if enabled.
`woocommerce_dismissed_suggestions__[context]`	1 month	Count of suggestion dismissals, if enabled.
`tk_ai`	session	Stores a randomly-generated anonymous ID. This is only used within the dashboard (`/wp-admin`) area and is used for usage tracking, if enabled.

Web Application Firewall Cookies

To help you understand which cookies the Wordfence plugin sets, when installed on your WordPress site, we have provided the guide below. Wordfence currently sets three cookies and we explain what each cookie does, who will have the cookie set, and why the cookie helps secure your site.

wfwaf-authcookie-(hash)

What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.

Who gets this cookie: This is only set for users that are able to log into WordPress.

How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

wf_loginalerted_(hash)

What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.

Who gets this cookie: This is only set for administrators.

How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.

wfCBLBypass

What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.

Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.

How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.

Third Party Cookies

To enrich our website content, sometimes we may embed video content from other social media websites such as YouTube or Facebook. As a result, when you visit a page with content embedded, you may be presented with cookies from these websites. This website has no control or liability over these cookies set, so you should check the relevant third party’s cookie policy for more information.

We also offer a ‘share page’ widget on some of our web pages, where content can be shared easily on the following sites – Facebook, Twitter, MySpace, Delicious and Digg. These sites may set a cookie when you are logged into their service. This website has no control or liability over these cookies set, so you should check the relevant third party’s cookie policy for more information.

Some links and resources are provided below to assist your understanding of the types of cookies you may encounter.

Provider	Cookie name	Purpose	Further information
Google maps	NID PREF khcookie	These cookies are used by Google to track how many people are using their maps	Overview of Google privacy
YouTube	use_hitbox VISITOR_INFO1_LIVE	YouTube may still set cookies on the user’s computer once the visitor clicks on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.	Google Technology
Twitter	lang pidmetrics_token	We have the Twitter Share widget in place on the site which makes use of cookies. May include targeted advertising cookies.	Twitter Privacy Policy Twitter Articles
Google	PREF NID	Cookies related to Google. May include targeted advertising cookies used on our social media hub.	Google Cookies Google Types
LinkedIn	_bizo_bzid _bizo_cksm _bizo_np_stats	Targeted advertising cookies from LinkedIn.	LinkedIn Cookie Policies
CloudFlare	_cfduid	Identifies a single machine as safe to connect behind a shared IP so challenges do not have to be reissued.	Cloudflare Cookie Policy

Cookies

This website will not use cookies to collect personally identifiable information about you. However, should you choose to disable, reject or block our cookies, some parts of our website will not function fully, or in some cases, our website will not be accessible at all.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them please visit http://www.allaboutcookies.org/.

WordPress

For detailed information on the use of cookies within the WordPress ecosystem please visit https://codex.wordpress.org/WordPress_Cookies

Changes to our Cookie Statement

Any changes we may make to our Cookie Statement in the future will be posted on this page.

Last Updated: 12/02/21

Privacy Policy

We regard your privacy as important and any personal information you give to us will be used in accordance with the Data Protection Act and the General Data Protection Regulations.

We do not store personal information about individuals who visit this site except where they provide contact information via our contact us page and contact forms available on various pages throughout the website.

Any information you provide will only be used for the reasons specified and it will not be shared with any third party without your consent, unless required by law.

Your contact details are kept securely and are only accessed by authorised members of staff as part of the provision of school services. If you do not wish us to keep this contact information please tell us.

This website uses Google Analytics which provides statistical data about the usage of the site. This information is not used to identify individuals, but is collected to provide us with an understanding of the areas of interest on our site and how our site is being used.

If you are connected to the internet you will have an IP Address. This may take the form of a figure, such as 333.333.22.1. The address will be automatically collected and logged as part of the connection of your computer to our web server and may be used to determine the total number of visits to each part of the site. This data is not collected and used for other purposes.

This website contains links to other websites. The School is not responsible for the privacy practices of other sites or organisations and recommends you consult the privacy information on those sites.

This policy will be reviewed and updated versions will be posted on the website.

If you have any questions about the use of your personal information, the Information Commissioner is the independent regulator for both Data Protection and Freedom of Information.