Data Protection Service

Plumsun will provide a Data Protection Adviser for the provisions of the GDPR to help organisations comply with the General Data Protection Regulation (GDPR) requirements, which will apply from 25 May 2018.

In order for the above to be effective Plumsun will consider:

  • Being effective in our role of Data Protection Officer Adviser for Schools (Adviser is the external equivalent of an Officer) Access to the Data Protection Module of the Plumsun Site (and also the free Governor Services Module)
  • Completion of monitoring - Information Audit and Data Protection Impact Assessment
  • A document reviewed by the school of what personal data is held.
  • Prioritising which parts of the GDPR will have the greatest impact on the schools business model to apply with GDPR accountability principle
  • Reviewing of a privacy notice/policy
  • Complete/check procedures to ensure they cover all the rights individuals have and how subject access requests are handled
  • Advice and recommendations to ensure compliance of GDPR
  • Review of contracts and other arrangements schools have in place when sharing data with other organisations
  • Statement regarding the lawful basis for processing personal data
  • Review how schools seek, record and manage consent and whether they need to make any changes – including deleting personal data
  • Statement of systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity Ensure procedures in place to effectively detect, report and investigate a personal data breach


Primary Schools
£550 plus £0.75 per pupil
Secondary Schools
£850 plus £1.00 per pupil