Privacy Policy

We are committed as per our promise to always safeguard and protect all your data, including visitors to our website. 

This policy sets out the data that we collect from you and how we use it when you use the care/support services from Flexicare or otherwise interact with us. This policy explains how we use cookies on our website. This policy forms part of our terms and conditions with you. 

Flexicare are registered with the CQC awarded “Outstanding”. 

The company has been in business for 27 years and has a four generations of family at the heart of the culture. 

We are also registered with the Information Commissioners Office (ICO) and have appointed a data protection officer (DPO) who is responsible for overseeing any questions you may have in relation to this privacy notice. 

This includes any requests to exercise your legal rights. See below contact details: 

  • Name of Company :Flexicare 
  • Name of DPO: Jeanette Phillips. 
  • Postal Address: Unit1/2. The Steadings Business Centre. Maisemore Court, Maisemore. Gloucestershire. GL2 8EY. 
  • Telephone number: 01452 306296. 

You have the right to complain to the Information Commissioners Office (ICO) ( however we would appreciate the opportunity to talk with you first in line with our company values of trust and goodwill and learning from the experience. 

Aims and Objectives of the Privacy Policy. 

The aims of our policy are to present in a simple language how we use and process your data and how we safeguard your data at all times. 

Our data protection policy has been reviewed in January 2024, in line with the General Data Protection Regulation (GDPR). 

It is important that we keep data current and live so please do update us if your data changes. 

When you leave our website please check the privacy notices for each individual website. 

Information that Flexicare need to collect from you to remain compliant with the Care Quality Commission (CQC). 

  • Identity Data: Name/address/ date of birth/ For Personal Assistants: Birth Certificate/marriage certificate/passport details. 
  • Special Categories of Personal Data: information about your medical conditions, medical health, medication requirements, and moving and handling requirements. Also, any data we may require ensuring that we meet CQC fundamental standards and to deliver safe/effective/responsive/compassionate and well led care/support. 
  • (CQC/2018.) 
  • DNR instructions (Do not Resuscitate) and Advanced Directives/Care Plans. 
  • Contact Data: This includes you contact details/email addresses/invoice addresses/Financial/Health Power of Attorney details. 
  • Transaction Data: details of payments from and to you. 
  • Aggregated Data: We may also collect aggregated data for research purposes (Centre for Practical Innovation in Care). 
  • Special Categories of Data may also be collected to meet CQC standards. 

How your personal data is collected. 

  • Direct Interactions to include assessments/interviews for Personal Assistants/completion of forms/ correspondence by phone/post/email or otherwise/marketing materials/website data completion. This list is not exhaustive however full data safeguards will be always undertaken. 
  • Automated Data: as and when you interact with our website, we may collect data from you in the form of an enquiry. 
  • Third Party: We may receive data from the public authorities that we work with to provide sustainable/safe/effective/responsive/compassionate and well led care/support this may be commissioners/procurement professionals/social workers/consultants/General PR actioners/District Nurses /Physiotherapists/Occupational Therapists/Dieticians or any public authority with data relevant to our care/support service. 

How we will use your information. 

All personal information about you/ and or any other person’s data you provide to provide community service will be recorded used and protected with current Data Protection Legislation (2018) our “Terms of Business” and this “Privacy Policy”. 

We will ONLY use your data in the following circumstances. 

  • Where you are having given us your consent to hold your data. 
  • Where we need to enter a contract with yourself to deliver our company services. 
  • Where we need to comply with our legal regulators the Care Quality Commission. 
  • Where it is necessary for compliance with your vital interest. 
  • Where it is necessary for our legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interests. 
Purpose/Activity of Data Type of Data Lawful basis 
To register you as a new Client identity/contract Contract 
To process and deliver your services identity/contract Contract/legal  
To manage our relationship with you identity/contract/communications To meet legal and CQC legal requirements 

Change of Purpose 

 We will only use your data for the purposes for which it is collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. 

If we need to use your data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. 

Please note that we may process your personal data without your knowledge or consent in compliance with the above rules where this is required or permitted by law. 

Client/Citizen/Personal Assistant Confidentiality. 

Your medical data and any sensitive data will be always confidential and only accessible to employees of the Company who are contracted for the specific purpose of either providing a service of community care/support or management of the service. 

We will never disclose this data unless legally required to by law. 

We are committed to protecting and respecting your privacy and using technology to enhance your online security. 

We are committed to ensuring that all Clients/Citizens and Personal Assistants of Flexicare are aware and understand this updated Privacy Policy in line with the GDPR/Data Protection Act 2018. 

Storing Your Personal Data 

By providing your data to us we will abide by our promise to transfer, always secure and process your data in a confidential way. 

We will do our utmost to ensure that all reasonable steps are taken to make sure that your data is transferred and stored securely. 

We have put in place procedures to deal with any suspected data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so. 

We have the following in place to protect your data: 

  • Your consent is always obtained PRIOR to obtaining and securing your data. All office based, and portable computers/iPad are password protected. 
  • Access has all your data secured safely in the cloud and access to the system is tightly controlled by authorised personnel. 
  • All paper records are stored in locked fireproof cabinets. 
  • Shred it machines are used for all paper disposal shredding. 
  • Personal Data is not kept Any longer than required. 
  • Your consent is always achieved prior to accepting and storing your data. 
  • Minimal Data is collected for our contract with you to be fulfilled. 
  • We limit your data strictly to employees, agents, or public authority required to fulfil our legal contract. 
  • All staff are trained to minimum Care Certificate Standards (14 Handling information) and management are trained in their role as Data Controllers or Data Processors. 
  • All staff sign a Company “Confidentiality Policy” on induction. 
  • All our Operating systems are cloud based and backed up in the cloud. 

How long will we keep your data for: 

  • We will only keep your data for as long as necessary to fulfil the required purpose of either reporting, legal or accounting. 
  • Following this we will safely dispose of your data securely in line with our company policy. 
  • To determine the appropriate retention period for personal data we will consider the following: amount/ nature and sensitivity of the data and the potential risk of harm from unauthorised use or disclosure of your personal data. 
  • We will also consider the purpose by which we process your personal data and whether we can achieve those purpose through other means, and the applicable requirements. 

Your Legal Rights as a Client/Citizen/Personal Assistant. 

  • Request Access to your data (subject access request). This enables you to have access to the data we are holding and to check that we are lawfully processing it/who we have shared with/and how long we envisage storing the data. 
  • Request Correction: Request correction of any personal data we hold about you. 
  • Request erasure of your personal data/This enables you to delete or remove data where there is no reason for us to continue processing it. 
  • Object to processing: You have the right to object to any handling processing or storing of data that infringes your fundamental rights and freedom. 
  • Request restriction of personal data: You are entitled to suspend any data you feel is inaccurate. 
  • Request the transfer of data: You have the right to ask for your data to be transferred as part of your contract with the Company. 
  • You may withdraw your “consent for data holding” at any time. 

We will ensure Your data is always safeguarded with the highest possible. 


Jeanette Phillips 

(Data Protection Officer).