Inspire • Challenge • Educate

Accessing Your Personal Data (Subject Access Requests)

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, individuals have a right to find out if Beacon Hill School holds their personal data, what that data is, and to receive a copy of it. This process is known as a Subject Access Request (SAR)

How Much Does a Request Cost?

Standard Requests are Free of Charge

In line with the Information Commissioner’s Office (ICO) regulations, Beacon Hill School will not charge a fee to provide a copy of your personal data or your child’s personal data.

When a Fee May Apply

The school will only charge a reasonable, administrative fee under the following exceptional circumstances:

  • Manifestly Unfounded or Excessive Requests: If a request is clearly repetitive, requires an extraordinary diversion of school resources, or is intended to cause harassment.
  • Additional Copies: If you request further, duplicate copies of information that the school has already provided to you.

If the school deems a fee is applicable, we will notify you immediately and explain the administrative costs before processing the request.

The Difference Between a SAR and an Educational Record Request

It is important to understand that parents have two separate legal avenues to request information. The school handles these differently to remain compliant with both data protection and education laws:

1. Subject Access Request (UK GDPR / DPA 2018)

  • What it covers: Any personal data held by the school about an individual (e.g., emails mentioning the individual, behavioural logs, internal notes).
  • Who can apply: Pupils, or parents acting on behalf of their child (where the child is not deemed mature enough to consent).
  • Cost: Free.
  • Timescale: The school must respond within one calendar month of receiving the request and verifying identity.

2. Request for the Pupil Educational Record

  • What it covers: The official educational record of a pupil (e.g., academic marks, official reports, teacher assessments).
  • Who can apply: Any parent with a legal right to their child’s educational record.
  • Cost: The school may charge a small, reasonable fee strictly limited to the direct administrative cost of printing and photocopying the official educational record (if a physical copy is required).
  • Timescale: The school must provide access or copies within 15 school days.

How to Submit a Request

While you can make a Subject Access Request verbally or in writing to any member of staff, we strongly encourage you to submit your request directly to our Data Protection Lead to ensure it is processed as quickly as possible.

  • Data Protection Lead: Anabel Drought
  • Email: dpo@beaconhill.org.uk
  • Address: Beacon Hill School, Rising Sun Cottages, Wallsend, NE28 9JW

To help us locate your information efficiently, please include:

  1. The full name and date of birth of the individual the data relates to.
  2. Your relationship to the individual (if applying on behalf of a child).
  3. A clear description of the specific information you are looking for (e.g., “Attendance records between September and December”).
  4. Proof of identity (if requested by the school).

When can we refuse to comply with a request?

Where an exemption applies, you may refuse to provide all or some of the requested information, depending on the circumstances. You can also refuse to comply with a SAR if it is manifestly unfounded or manifestly excessive. Our detailed guidance explains the factors you should consider in determining whether a request is manifestly unfounded or excessive.

If you refuse to comply with a request, you must inform the individual of:

  • the reasons why;
  • their right to make a complaint to the ICO or another supervisory authority; and
  • their ability to seek to enforce this right through the courts. 

What is education data?

The DPA 2018 defines ‘education data’ as:

  • personal data which consists of information that forms part of an educational record; and
  • is not data concerning health.

The definition of ‘educational record’ in the DPA 2018 differs between England and Wales, Scotland and Northern Ireland. Broadly speaking, however, the expression has a wide meaning and includes most information about current and past pupils that is processed by or on behalf of a school. The definition applies to nearly all schools including maintained schools, independent schools and academies.

However, information a teacher keeps solely for their own use does not form part of the educational record. It is likely that most of the personal information a school holds about a particular pupil forms part of the pupil’s educational record. However it is possible that some of the information could fall outside the educational record, eg information a parent of another child provides about the pupil is not part of the educational record.