Data Anonymisation

Data anonymisation is a process that helps you comply with your UK GDPR requirements by allowing a user's personal data to be deleted.

The Data Protection Officer can create a request for anonymising a user's data. The request is queued and processed overnight on the day of the request. Requests are processed overnight due to the high load and potential impact on standard operation.

Caution

Due to the risk of data deletion with this feature, only the Data Protection Officer can access this functionality; there is no permission for assigning access. The Data Protection Officer is specified in the Data Protection Officer setting.


What’s the Goal of This Process

The main goals of this process are to enable you to meet your UK GDPR requirements while retaining as much information as possible to allow you to make assessments and statistical analysis of historical data.

To that end, personal data is deleted and other data is retained where it could be useful.


What Data is Deleted

The following data is deleted:

  • Address

    • The user's postal address.

  • Consent

    • The user’s response to all consent statements.

    • The user’s file consent items.

  • Date of Birth

  • Email Address

  • Emails

    • The user's email address is removed from all emails sent.

  • Ethnic Information

    • English Proficiency Details

    • Ethnicity

    • First Language

  • Forename

  • In Care Information

    • Care Authority Details

  • Information Update Requests

  • Mobile Number

  • Notifications

    • Notifications assigned only to the user are deleted.

    • The user is removed as a recipient from all notifications.

  • Third Party ID

    • If third party integration is enabled, the user's third party ID is deleted.

  • Pupil Premium Information

    • Pupil Premium Details

  • School Identifier

    • Your school's identifier for the user.

  • Security Information

    • Additional logins

    • One Time User Links

    • Password

    • Permissions

    • Secret Question Details

  • Sixth Form Admissions

    • Application Talk To Us Messages (Only removed if the user is the applicant of the application).

    • Application Files/Documents (Only removed if the user is the applicant of the application).

  • SMS Messages

    • The user's mobile number is removed from all SMS messages sent.

  • Surname

  • Telephone Number

  • Work Telephone

  • Title

    • The user's title (Mr, Mrs, etc.).

  • User Group Memberships

  • User Relationships

  • Username

    • The username for logging in.


What Data is Retained

All data not explicitly listed above is retained. The fields below are retained and are of particular interest:

  • Gender

    • The user's gender.

  • Postcode

    • The postcode of the user's postal address.

Tip

At first glance you might question whether these fields contain personal data, but once the other data is removed an individual can no longer be identified using this data, and as such it no longer constitutes personal data.


Creating a New Request

To create a new request, the Data Protection Officer can select the Create option from the Data Anonymisation section of the side menu.

You should then select the user that you’d like to anonymise.

For additional security, you must then confirm your understanding that once you submit this form the data will be deleted and there will be no way to recover it. Once confirmed, click the anonymise user button to submit the request.