Partners in Learning GDPR Privacy Policy

  • What information does the organisation collect?

The types of information that Partners in Learning collect, hold and share can be categorised depending on stakeholder type as follows:


Category of Stakeholder

Examples of types of information held

Members of Partners in Learning

School information, school address, staff names, Ofsted grade, school data, pupil information (including name, SEN, EAL, PP)

Designated personnel, e.g. System Leaders, Moderators, StEPs

Name, email address, school information, TRN, DoB, specialism

Delegates on courses, networks, events

Name, email address, school information

Delegates and schools participating in extended programmes

Name, email address, school information, Ofsted grade, school data, pupil information (including name, SEN, EAL, PP)


  • Who collects it?

Partners in Learning is the data controller of the personal information you provide to us. This means the organisation determines the purposes for which, and the manner in which, it can be processed. In some cases, your data will be outsourced to a third-party processor; however, this will only be done with your consent, unless the law requires the organisation to share your data. Where the school outsources data to a third-party processor, the same data protection standards that Partners in Learning upholds are imposed on the processor. Sara Harle is the Data Protection Officer. Their role is to oversee and monitor the organisation’s data protection procedures, and to ensure they are compliant with the GDPR.

  • How and why is it collected?

Partners in Learning is required to hold data in order to meet organisation designation requirements and legitimate interests set out in the GDPR and UK law, including those in relation to the following Article 6 and Article 9 of the GDPR.

In accordance with the above, the data of stakeholders is collected and used for the following reasons:

  • To support and improve the service offered by the organisation
  • To assess the quality of our service
  • To monitor school progress
  • To comply with the organisation designation requirements of the DfE and NCTL
  • Who is it shared with?


Data is shared in the following instances:

  • The organisation is required to share school’s data, i.e. names of schools who engage with the organisations activity, with the DfE/NCTL on an annual basis.
  • Details of certain designated personnel, i.e. names of SLEs and their deployments, is shared with the DfE/NCTL on an annual basis
  • Data is used when necessary to support the submission of funding bids, i.e. school level data including Ofsted gradings
  • Data is shared with the Research School Network in-line with their contractual agreement with Doncaster Research School
  • NQT and ITT data, such as names, schools and gradings is shared with the DfE
  • Data may be shared between Teaching Schools or Research Schools when joint practice requires data sharing
  • Data such as names and schools are shared with external course providers when delivering on behalf of the organisation


Partners in Learning will not share your information with any third parties without your consent, unless the law allows us to do so.


  • How is it kept safe and how long is it stored for?

All data collected and stored will be kept safe in-line with the organisations data protection policy. In accordance with the GDPR, the organisation does not store data indefinitely; data is only stored for as long as is necessary to complete the task for which it was originally collected. Should your relationship with Partners in Learning end, i.e. you are de-designated, your information will be stored in line with NCTL guidelines.


  • Can I have it removed?

Stakeholders have the following rights in relation to the processing of your data. You have the right to:

  • Be informed about how the organisation uses your personal data.
  • Request access to the data that the organisation holds.
  • Request that your data is amended if it is inaccurate or incomplete.
  • Request that your data is erased where there is no compelling reason for its continued processing.
  • Request that the processing of your data is restricted.


Should you object to the organisation holding your data you can request to have it removed by speaking to the Data Protection Officer who will respond to your request within 30 days.


  • Where can I find out more information?

If you would like to find more information about how we and/or the DfE collect, use and store your personal data, please visit our website ( or download our GDPR Data Protection Policy.