Back to Home

WHO WE ARE 

Loughborough Schools Foundation (LSF) is the organisation (referred to in this policy as “the Foundation”) responsible for four independent schools and a nursery operating under a single Board of Trustees. The Foundation comprises Fairfield Preparatory School (co-educational, 3-11), Loughborough Amherst School (co-educational 4-18) Loughborough Grammar School (boys, 10-18, day and boarding), Loughborough High School (girls, 11-18), and ‘The Nursery’ for children from 6 weeks to 4 years. 

The Foundation is incorporated as a company limited by guarantee, number 4038033, and is a registered charity, number 1081765. 

The Foundation is registered as the Data Controller under Data Protection Law and will observe the provisions of all related legislation, as well as frameworks provided by the Department for Education (DfE), to all Schools and departments within the Foundation. This includes Early Years Foundation Stages (EYFS), The Nursery, alumni associations, and any subsidiary companies.  

WHO THIS NOTICE APPLIES TO 

This notice applies to website visitors and social media users of the Foundation’s websites, social media pages and content. 

ABOUT THIS PRIVACY NOTICE 

This Privacy Notice explains how the Foundation processes your personal data and your rights in relation to the personal data we hold about you.  

This Privacy Notice also applies alongside any other information the Foundation may provide about particular uses of personal data. 

If we ask for your personal information, we will: 

  • tell you the reasons why we’re asking for it; 
  • only ask for the information we need; 
  • make sure we don’t keep it for longer than necessary; 
  • protect it and make sure only the appropriate people have access to it; 
  • let you know if we’ll share it with other organisations; 
  • keep it up to date where necessary and let you know if you need to notify us about changes to your circumstances; 
  • consider privacy risks when we’re planning to change the way we use or hold it; and 
  • train our staff to ensure we properly use and protect it. 

 

While we maintain a presence on social media platforms such as X (formerly Twitter), Facebook, LinkedIn, YouTube, and Instagram, please note that we do not control how these platforms process your personal data. When you interact with our content on these platforms (for example, by liking, commenting, or following us), your data is collected and processed by the social media company in accordance with their own privacy policies and terms of service. 

 

We advise you to review the privacy policies of each social media platform to understand how they collect, use, and protect your personal data. Any personal data you share with us directly via social media (such as through direct messages or comments) will be handled in accordance with this Privacy Notice, but for data collected by the platform itself, the platform is the data controller, and its processing activities are beyond our control. 

 

HOW WE COLLECT YOUR INFORMATION  

From digital forms on the website, for example: 

  • From the information you provide such as contact details, enquiries for admissions, applications for holiday course bookings, uniform shop orders. 

From cookies and similar tracking technologies on our website, to collect data from or about you, this data helps us enhance your experience, understand your preferences, and improve our services. The types of data collected from cookies may include, but are not limited to: 

  • Details about your visits to our website, such as pages viewed, time spent on each page, navigation paths, and any actions taken (e.g., clicks, form submissions). 
  • Technical information provided through analytics tools, such as your IP address, location data (country, region, city), browser type and version, operating system, device information, and referring website URLs.  

From engagement on social media platforms, that we use such as X (formerly Twitter), Facebook, LinkedIn, YouTube, and Instagram, the social media platforms themselves collect data and may provide us with certain insights or analytics about your interactions with our content. This may include the following types of data: 

  • From the information you provide to the platform such as comments, videos, pictures, likes and public messages. 
  • Direct messages, such as enquiries. 
  • Analytics and insights provided by the social media platform, such as interactions with our pages and/or content with demographic insights (e.g., age, range, location, interests). This data is collected and processed by the social media platform and shared with us in summary form. 
  • When you follow us on social media platforms, the platforms may provide us with notifications or aggregate information about the number of followers. 

 

Use of Target Group Definitions for Advertising Purposes, we use target group definitions provided by social media operators for advertising purposes, for example: 

  • The definitions are based only on anonymous data, such as general demographic details, behaviours, locations, interests, and connections. 

 

 

TYPES OF INFORMATION WE COLLECT 

We may collect the following types of personal data about you (and family members and ‘next of kin’ and prospective or current students where relevant): 

Contact and communications information, including: 

  • your contact details (including email address(es), telephone numbers and postal address(es)); 
  • contact details for your family members and ‘next of kin’, in which case you confirm that you have the right to pass this information to us for use by us in accordance with this Privacy Notice; 
  • records of communications and interactions we have had with you; 

 

Website usage and device information: 

  • Website visit details (pages viewed, time spent on each page, navigation paths, actions taken); 
  • IP Address; 
  • Location data (country, region, city); 
  • Browser type and version; 
  • Operating system; 
  • Device information; 
  • Referring website URLs; 

 

Engagement on Social Media Platforms: 

 

  • User provided content (comments, videos, pictures, likes, public messages); 
  • Direct message content; 
  • Social media analytics data (interactions with our pages and/or content); 
  • Following status on our social media accounts; 

 

Target group definitions for advertising purposes: 

  • Anonymous demographic data; 
  • Behavioural data; 
  • Location data; 
  • Interest data; 
  • Connection data; 

 

Biographical, educational, and social information, including: 

  • your name, title, gender, nationality and date of birth; 
  • your family details; 
  • details of your education and references from your previous schools; 
  • lifestyle information and social circumstances; 
  • details of your activities, including participation in sports, music, drama and other extra-curricular pursuits; 

 

Financial information, including: 

  • your tax status (including residence status); 
  • information related to bursaries, scholarships, or other financial assistance; 

 

Medical and welfare information, including: 

  • information concerning your health and medical conditions (for example, allergies or injuries); 
  • dietary requirements; 

 

REASONS FOR PROCESSING YOUR PERSONAL DATA, HOW THAT DATA IS USED AND WHOM IT IS SHARED WITH 

Legitimate Interests 

We process your personal data because it is necessary for our (or sometimes a third party’s) legitimate interests. Our “legitimate interests” include our interests in running the Foundation in a professional, sustainable manner, in accordance with all relevant ethical, educational, charitable, legal and regulatory duties and requirements. In this respect, we are likely to use your personal data for the following: 

  • to enable relevant authorities to monitor the Foundation’s performance and to intervene or assist with incidents as appropriate; 
  • for the purposes of management planning and forecasting, research and statistical analysis, including financial planning and budgeting; 
  • to ensure the financial stability and sustainability of the Foundation; 
  • monitoring and improving our educational services and outcomes; 
  • facilitating efficient communication between school and home; 
  • promoting the Foundation and its activities to prospective families; 
  • maintaining relationships with alumni and the school community; 

 

Legal Obligations 

We also process your personal data for our compliance with our legal obligations. In this respect, we are likely to use your personal data for the following: 

  • complying with education law and regulations; 
  • fulfilling our safeguarding and child protection duties; 
  • ensuring health and safety requirements are met; 
  • reporting to government agencies and educational authorities as required; 
  • complying with any other statutory data collection requirements; 

 

We will process special categories of personal data for lawful reasons only, including because: 

  • you have given us your explicit consent to do so, but only in circumstances where seeking consent is appropriate; 
  • it is necessary to protect your or another person’s vital interests, for example, where you have a life-threatening accident or illness on the campus, and we have to process your personal data in order to ensure you receive appropriate medical attention;  
  • it is necessary for the purposes of carrying out legal obligations and exercising legal rights (both yours and ours) in connection with your contract with us;  
  • it is necessary in connection with some function in the substantial public interest, including: 
  • the safeguarding of children or vulnerable people; or  
  • to prevent or detect unlawful acts; or 
  • as part of a function designed to protect pupils, parents, or the public from seriously improper conduct, malpractice, incompetence or unfitness in the provision of education and related services by the Foundation, or to address failures in these services (or to establish the truth of any such allegations); or 
  • to cooperate with a relevant authority, professional or regulatory body (such as the ISI, DfE, LADO or TRA) in such matters 
  • it is necessary for the establishment, exercise or defence of legal claims, such as where any person has bought a claim or serious complaint against us or you. 
  • it is necessary for reasons of substantial public interest, including safeguarding of children and individuals at risk. 

 

Sharing your information with others 

For the purposes referred to in this Privacy Notice and relying on the grounds for processing as set out above, we may share your personal data with certain third parties. We may disclose limited personal data (including in limited cases special category or criminal data) to a variety of recipients including: 

  • other employees, agents, and contractors (e.g. third parties processing data on our behalf as part of administering IT systems, educational platforms, catering services etc. – although this is not sharing your data in a legal sense, as these are considered data processors on our behalf); 
  • relevant government authorities (e.g. Department for Education, HMRC, police, Home Office, Prevent, a relevant public health / NHS body and / or local authority) and/or appropriate regulatory bodies (e.g. the Independent Schools Inspectorate, the Charity Commission etc.); 
  • other schools or departments within the Foundation where appropriate; 
  • health authorities and medical professionals, including the school’s designated medical officer and therapists; 
  • external auditors or inspectors; 
  • Third parties and their advisers in certain situations where we establish new working relationships or partnerships, either within the UK or internationally;  
  • our advisers where it is necessary for us to obtain their advice or assistance, including insurers, lawyers, accountants, or other external consultants; 
  • when the school is legally required to do so (by a court order, government body, law enforcement agency or other authority of competent jurisdiction), for example HM Revenue and Customs or Police. 
  • otherwise, where reasonably necessary for the operation of the Foundation and its educational and pastoral obligations. 

 

We may also share information about you with other education providers in the form of a reference, where we consider it appropriate, or if we are required to do so in compliance with our legal obligations. References given or received in confidence may not be accessible under your UK GDPR rights. 

 

How long your information is kept 

 

Personal data entered into website forms is retained for 15 months, unless we notify you that we intend to keep it for a longer period, and you do not object. 

 

Subject to any additional notices that we may provide, we are required to retain most pupil information for 25 years from the date of birth. However, some information, such as incident reports and safeguarding files, may be kept for longer in accordance with legal requirements and our Information and Records Retention Policy.  

 

Your rights 

You have the following rights:  

  • to obtain access to, and copies of, the personal data that we hold about you;  
  • to require us to correct the personal data we hold about you if it is incorrect;  
  • to require us (in certain circumstances) to erase your personal data;  
  • to request that we restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);  
  • to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;  
  • to object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.   

 

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. The school will endeavour to respond to any such requests as soon as is reasonably practicable and in any event within statutory time-limits (which is generally one month, but actually fulfilling more complex or multiple requests, e.g. those involving third party information, may take 1-2 months longer).  

You can find out more about your rights under applicable data protection legislation from the Information Commissioner’s Office website available at www.ico.org.uk. 

Responsibility and data protection  

The Foundation has appointed a Data Protection Officer who will deal with all requests and enquiries concerning the Foundation’s uses of your personal data (see section on Your Rights below) and endeavour to ensure that all personal data is processed in compliance with this policy and Data Protection Law. The Data Protection Officer can be contacted on dataprotection@lsf.org   

Contact and complaints 

If you have any queries about this Privacy Notice or how we process your personal data, or if you wish to exercise any of your rights under applicable law, you may contact the Data Protection Officer by emailing dataprotection@lsf.org or writing to 3 Burton Walks, Loughborough, Leicestershire, LE11 2DU 

If you are not satisfied with how we are processing your personal data, or how we deal with your complaint, you can make a complaint to the Information Commissioner: www.ico.org.uk. The ICO does recommend you seek to resolve any issues with the data controller initially prior to any referral. 

This notice  

The Foundation will update this Privacy Notice from time to time. Any substantial changes that affect your rights will be provided to you directly as far as is reasonably practicable. This Privacy Notice was lasted updated on 1st October 2024.