(301) 947-7380
99.987% uptime·0 security breaches·35+ years in education·Built and supported in the U.S.
Posted May 18, 2018
How To Make Your School Database GDPR Compliant

How to Make Your Database GDPR Compliant

https://www.hallaminternet.com/how-to-make-your-website-gdpr-compliant/

1. Forms: Active Opt-In

Forms that invite users to subscribe to newsletters or indicate contact preferences must default to “no” or be blank. You will need to check your forms to ensure this is the case.

2. Granular Opt-In

The consent you are asking for should be set out separately for accepting terms and conditions, and acceptance of consent for other ways of using data. Users should be able to provide separate consent for different types of processing.

3. Easy to Withdraw Permission or Opt-Out

It must be just as easy to remove consent as it was to grant it, and individuals always need to know they have the right to withdraw their consent. In terms of your web user experience, this means unsubscribing could consist of selectively withdrawing consent to specific streams of communication.


4. Named Parties

Your web forms must clearly identify each party for which the consent is being granted. It isn't enough to say specifically defined categories of third-party organizations. They need to be named.


5. Privacy Notice and Terms and Conditions

The Information Commissioner's Office (ICO) has very kindly provided a sample privacy notice that you can use on your website. It is concise, transparent, and easily accessible. You will also need to update your terms and conditions on your website to reference GDPR terminology. In particular, you will need to make it transparent what you will do with the information once you've received it, and how long you will retain this information both on your website and also by your office systems.

Good and bad examples of Privacy Notices:
https://ico.org.uk/media/for-organisations/documents/1625136/good-and-bad-examples-of-privacy-notices.pdf

For your reuse:


6. Children under age of 16

Because individuals will only be able to give consent if they are over 16 years old, you should ensure that the person providing the consent is the holder of parental responsibility over the child.


See also
Contact    User    Ask    DAT   
Update

Back with the ATLIS Community

1 min read · Updated May 04, 2026

Was this article helpful?

Your feedback goes to the team that maintains this article.

Thanks. We use this to improve the article.

Still have questions?

Live chat is staffed weekdays 8 am to 7 pm ET. Tickets get a response within one business day.

Open a ticket

New to PCR Educator?

If you landed here from a search and want to see what PCR can do, the demo is the fastest way in. Thirty minutes, no commitment.

Book a demo
PCR Educator
School Operations Platform

One platform for K-12 schools, higher education, performing arts institutions, and health science programs since 1989.

PCR Educator on Capterra: 4.7 out of 5 stars
Platform
    Solutions
      Resources
        Company
          © 1989-2026 PCR Educator, Inc.Silver Spring, MD · U.S.A. · (301) 947-7380