Assurance Statement:

Wellspring Academy Trust has a responsibility as a data controller to ensure we remain compliant with the General Data Protection Regulations (GDPR) and Data Protection Act 2018 principles.

The steps we have taken include but are not limited to:

  • Updating our data protection policy suite and privacy notices
  • Operating an annual audit programme to review technical and procedural measures
  • Conducted an IT network security review
  • Establishing a GDPR assurance and development plans
  • Implementing a staff training and development programme
  • Identification of Information Asset Owners
  • Established a network for local Data Protection Leads
  • Reviewing supply chain GDPR compliance standards
  • Appointing a Data Protection Officer (DPO)

Name: Matthew Lindsay


Telephone: 01226 720742

  • We aspire to achieve information management accreditation such as ISO 27001 (Information Security Standard) and Cyber Essentials accreditation. Although many of our service providers do currently hold such accreditation.
  • We are continuing to review existing service contracts and service level agreements


For further information, please see: