Privacy policy



Get to know how we safe keep your data



Disclaimer. Whilst Harvest Academy Malaysia takes care to ensure the accuracy of the content, to the extent permitted by law, Harvest Academy Malaysia assumes no legal liability for and does not warrant that the information contained on this website is accurate or complete, or that these web pages will be free from errors or that its availability will be uninterrupted and Harvest Academy Malaysia hereby expressly disclaims and excludes all express and implied warranties terms or conditions not stated herein, so far as such exclusion or disclaimer is permitted under the applicable law. Harvest Academy Malaysia excludes all liability to any person for any loss or damage caused by any errors or omissions, whether such errors or omissions result from negligence, accident or any other cause but this disclaimer does not apply to any claims for fraudulent misrepresentation, personal injuries or death.


Restrictions on Use of Content. The content of this website and all copyright and other intellectual property rights therein belong to Harvest Academy Malaysia or its content providers. You are hereby granted permission to access the site and print a copy of the content as a record of your visit. All other use of the site and its content, including modification, publication, transmission, creation of derivative works, incorporation into another website or reproducing of the site or the content (whether by linking, framing or any other method) is not permitted without Harvest Academy Malaysia prior express written consent.


Personal Data Protection Act 2010 gives individuals the right to know what information is held about them. It provides a framework to ensure that personal information is handled properly. The Act gives the public a general right of access to information held by public bodies and outlines the requirements that must be followed when responding to requests. It also outlines reasons for withholding information, which are known as exemptions from the right to know. Harvest Academy Malaysia aims to fulfill its obligations under the Personal Data Protection Act 2010 by ensuring that anyone who processes personal information complies with the Act.



Security Measures In Place

The school has procedures in place to ensure appropriate use, disclosure and protection of personal data, including sensitive data relating to members of staff and students’ records. The school uses physical and electronic safeguards to ensure the security of data.

These include:

• Locks to administrative office

• Secure management of the holding and storage of keys

• Installation of anti-virus software

• Installation of firewall software/hardware

• Secure data backup procedures

• Good practice relating to passwords, clear screens, locking of computers



Personal Data Covered by the Act

This includes, but is not limited to:

• School admission and attendance registers

• Students’ curricular records

• Annual returns to the relevant authorities

• Reports to parents on the achievements of their children

• Records in connection with students entered for public examinations

• Staff records, including disciplinary and payroll records

• Student disciplinary records

• Records of contractors and suppliers

• Personal information for teaching and learning purposes (assessment data)



Sensitive Data

Sensitive data can only be processed if the information has been lawfully and fairly obtained and that the subject has consented, sensitive data includes:

• Ethnic origin

• Political opinions

• Religious beliefs

• Other beliefs of a similar nature

• Membership of a trade union

• Physical or mental health condition

• Alleged and/or criminal offence

• Proceedings or court sentence

The school’s administrative officer is responsible for deciding how any personal data is to be processed and ensuring that it complies with the Personal Data Protection Act 2010.



Access to Information

The second area covered by the Data Protection Act provides individuals with important rights, including the right to find out what personal information is held on computer and most paper records.

The subject access right – where a student has the right to a copy of his/her own information. Requests may also be made by a parent/guardian on behalf of his/her child. All students and parents are entitled to have their records disclosed to them on written request, unless it is obvious that they do not understand what they are asking for, or if disclosure would be likely to cause them or anyone else serious physical or mental harm.

All requests should be addressed to the administrative officer at the relevant Harvest Academy Malaysia. The request should be made in writing and describe the information to which access is required. If practicable and reasonable, the information will be copied or printed and posted to the person making the request. Arrangements can be made to view the information by an individual as an alternative. The School will comply with the request within a period of 14 working days.

There are certain circumstances, where access will be denied. This includes cases where the information might cause serious harm to the physical or mental health of the students or another individual or the request would entail releasing examination marks before they are officially announced. When a student transfers to another Harvest Academy Malaysia, the new school should be sent a completed transfer form and all educational records relating to the student, including copies of their student reports.

When a student transfers to a new school other than Harvest Academy Malaysia, all educational records relating to the student, including copies of their student reports should be provided to the parents/guardians.



Charging

Straightforward requests for information are provided free of charge. More complex requests will be charged; the school’s administrative officer will provide details regarding charges on request.



Sharing of Data and Student consent

The interests of the student should remain paramount at all times. Whenever possible, students should be consulted and their wishes taken into account concerning the sharing of information about them. The exceptions to this are:

When there is a legal obligation to share information without the consent and/or knowledge of the student, e.g., child protection; when the student is deemed to be unable to make a competent decision concerning the sharing of information about them. In such instances, those who are responsible for the student should be consulted.

It should be made clear as early as possible that absolute confidentiality cannot be guaranteed if a student’s own safety or the safety of others is at risk. Where a member of staff believes that there is a risk to the health, safety or welfare of a young person or others, which is so serious as to outweigh the young person’s right to privacy, they should clearly explain this to the student and inform the Head of School.



Sharing data within the school

Those responsible for sharing personal or confidential information about students or staff should work together to ensure that such sharing is handled in line with statutory guidance. Responsible staff should meet to discuss and agree on what information should be shared, for what legal or proper purpose, to whom it should be shared and how much information should be reasonably disclosed. Sensitive data such as medical information on staff and students should not be displayed in ‘public’ areas where guests to the school may be admitted.



Who needs to know?

Potentially, those who work directly with students may need to be informed of confidential information. Those responsible for the running and administration of the school may also need to be informed. These include:

• Class teachers

• Teaching staff

• Pastoral and support staff

• Parents

• Guardians or carers

• Head of School

• School board members

• Outside agencies



Basis for sharing information

Information may be shared

• for information only (e.g. to ensure others may respond appropriately in the case of classroom management, potential problems)

• because action is required (e.g. to inform the Principal in the case of possible Child Protection issues)

Information should only be shared

• on a ‘need to know’ basis

• in accordance with legal requirements

Where an individual faces a conflict of interest about whether to disclose information or not

• the interests of the students take priority

• other staff who share the information should be consulted

When in doubt, information should not be shared unless

• there is a legal requirement to do so

• there is a clear benefit to the student to do so

• that the student will be protected from harm by the disclosure



Revisions to Privacy Notice

This Privacy Notice may be revised from time to time. Notice of any such revision will be given on www.harvestacademy.org.my website and/or by such other means of communication deemed suitable by Harvest Academy Malaysia.