GDPR - CCTV Policy

North Ealing Primary School


The school recognises that CCTV systems can be privacy-intrusive.

Review of this policy shall be repeated regularly and whenever new equipment is introduced a review will be conducted and a risk assessment put in place. We aim to conduct reviews no later than every two years.


The purpose of the CCTV system is to assist the school in reaching these objectives:

  1. To protect pupils, staff and visitors against harm to their person and/or property.
  2. To increase a sense of personal safety and reduce the fear of crime.
  3. To protect the school buildings and assets.
  4.  To support the police in preventing and detecting crime.
  5. To assist in identifying, apprehending and prosecuting offenders.
  6. To assist in establishing cause of accidents and other adverse incidents and prevent reoccurrence
  7. To assist in managing the school.

Purpose Of This Policy

The purpose of this Policy is to regulate the management, operation and use of the CCTV system (closed-circuit television) at the school. The CCTV system used by the school comprises of:

Statement Of Intent

Notification has been submitted to the Information Commissioner and the next renewal date has been recorded.

The CCTV system will seek to comply with the requirements both of the Data Protection Act and the most recent Commissioner’s Code of Practice.
The school will treat the system, all information, documents and recordings (both those obtained and those subsequently used) as data protected under the Act.

The system has been designed so far as possible to deny observation on adjacent private homes, gardens and other areas of private property.

Materials or knowledge secured as a result of CCTV will not be used for any commercial purpose.
Images will only be released to the media for use in the investigation of a specific crime with the written authority of the police. Images will never be released to the media for purposes of entertainment.

The planning and design has endeavoured to ensure that the system will give maximum effectiveness and efficiency but it is not possible to guarantee that the system will cover or detect every single incident taking place in the areas of coverage.

Warning signs, as required by the Code of Practice of the Information Commissioner will be clearly visible on the site and make clear who is responsible for the equipment.

Where wireless communication takes place between cameras and a receiver, signals shall be encrypted to prevent interception.

Recorded images will only be retained long enough for any incident to come to light (e.g. for a theft to be noticed) and the incident to be investigated. In the absence of compelling a need to retain images for longer (such as an ongoing investigation or legal action), data will be retained for no longer than 14 days.

System Management

Access to the CCTV system and data shall be password protected.

The CCTV system will be administered and managed by the Site Manager who will act as System Manager and take responsibility for restricting access, in accordance with the principles and objectives expressed in this policy. In the absence of the Systems Manager the system will be managed by Business Manager.

The system and the data collected will only be available to the Systems Manager, his/her replacement and appropriate members of the senior leadership team as determined by the Headteacher.

The CCTV system is designed to be in operation 24 hours each day, every day of the year, though the school does not guarantee that it will be working during these hours.

The System Manager will check and confirm the efficiency of the system regularly and in particular that the equipment is properly recording and that cameras are functional.

Cameras have been selected and positioned so as to best achieve the objectives set out in this policy in particular by proving clear, usable images.

Unless an immediate response to events is required, cameras will not be directed at an individual, their property or a specific group of individuals, without authorisation in accordance with the Regulation of Investigatory Power Act 2000.

Where a person other than those mentioned in paragraph 5.3 above, requests access to the CCTV data or system, the System Manager must satisfy him/herself of the identity and legitimacy of purpose of any person making such request. Where any doubt exists access will be refused.

Details of all visits and visitors will be recorded in a system logbook including time/data of access and details of images viewed and the purpose for so doing.

Complaints About The Use Of CCTV

Any complaints in relation to the school’s CCTV system should be addressed to the Headteacher.

Request For Access By The Data Subject

The Data Protection Act provides Data Subjects – those whose image has been captured by the CCTV system and can be identified – with a right to data held about themselves, including those obtained by CCTV. Requests for such data should be made to The Business Manager.

Public Information

Copies of this policy will be available to the public from the school office.

The committee with oversight for this policy
Policy to be approved by
Resources Committee
Policy last reviewed by the Resources Committee
Policy last ratified and adopted by Full Governing Body
Policy / Document due for review
November 2024