GDPR - ̽



̽ is fully committed to complying with the EU General Data Protection Regulation.

We have implemented an Information Governance Framework to ensure that we have the correct policies, procedures, publications and tools to be compliant. Additionally, all of our staff have access to data protection and cyber security training.

Click here to submit a .

If you have any questions or comments, please contact and we will do our best to help you.


Notification of a Data Incident

Regrettably, I am writing this statement to advise that on the 27th of December 2023, systems at the Thomas Bennett Community College were compromised in a sophisticated cyber incident.

It has been confirmed that during the incident that some of the systems within the school had been accessed by an unauthorised party and data has been copied.

Since the incident, our in-house experts and expert external support have confirmed that the following data has been copied as part of the incident

  • First name
  • Last name 
  • Registered Address Data
  • Year Group 
  • Assessment data 
  • ID Photographs

The age of the data in impacted systems spans from 2002 to 2023 however a large volume of data within this date range is commercial data rather than personal data in nature. 

There is no indication that financial data including banking information, passport information or medical data has been accessed as part of this incident. 

As part of the management of this breach we are working with the relevant authorities, including the Information Commissioner’s Office, Action Fraud and external specialists. 

We know this will cause concern to members of our school community and we are very sorry for this.  

Our priority is to resolve this issue and provide information to those affected as soon as we are able to, and we are focusing all available resources. 

Likely Risk and Mitigation 

Our review has indicated that the risk to individual members of the TBCC community is low, however a breach of this type could increase the risk of identity theft or fraud. 

You should be vigilant to any suspicious phishing emails. The NCSC (National Cyber Security Centre) has guidance for individuals advising on how to protect against the impacts of data breaches: . There is also . 

To prevent a recurrence of this type of breach ̽ are taking several steps:

  • We are reviewing and updating our systems and working with external experts to assess our security posture and implement more robust security controls 
  • We have updated our network architecture to improve our security defences 
  • We are in the process of updating our security protocols across all of our schools 

Contact Details 

If you have any additional concerns, you can contact the Trusts Data Protection Officer via


Neil Barnes

Data Protection Officer



̽ GDPR Date  
10th Jun 2021 Download
10th Jun 2021 Download
10th Jun 2021 Download
21st May 2024 Download
21st May 2024 Download
21st May 2024 Download
21st May 2024 Download
21st May 2024 Download
21st May 2024 Download
Your browser is out-of-date!

Update your browser to view this website correctly.