Data Protection Impact Assessments (DPIA)

When a Trust, Academy or school invests in a new product, service or project that requires the handling of personal data, the Data Protection Officer at the Trust, Academy or school should undertake a data protection impact assessment.

A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project. To complete this assessment the Trust, Academy or school may choose to enlist the help of other people within their own organisation.

To assist Data Protection Officers in conducting this assessment, CraignDave Ltd supply this privacy policy.

CraignDave Ltd is a limited company within the UK and complies with all legal responsibilities under the Data Protection Act 2018, incorporating EU GDPR.

It is not the position of CraignDave Ltd to complete a Trust, Academy or school’s internal paperwork for impact assessments because we should not be judging ourselves, this is often referred to ‘poacher turned gamekeeper’.

All the information required for a Data Protection Officer to complete an impact assessment can be found within our privacy policies.