Privacy Notice for Clients and Personal Assistants/GDPR
We are committed as per our promise to safeguard and protect all your data at all times, including visitors to our website.
This policy forms part of our terms and conditions with you.
Flexicare Home Services UK Ltd are registered with the CQC awarded “Outstanding”.
The company has been in business for 21 years and has four generations of family at the heart of the culture.
We are also registered with the Information Commissioners Office (ICO) and have appointed a data protection officer (DPO) who is responsible for overseeing any questions you may have in relation to this privacy notice.
This includes any requests to exercise your legal rights. See below contact details:
- Name of Company :Flexicare Home Services UK Ltd.
- Name of DPO: Jeanette Phillips.
- Email address: firstname.lastname@example.org
- Postal Address: Unit1/2. The Steadings Business Centre. Maisemore Court,
Maisemore. Gloucestershire. GL2 4RP.
- Telephone number: 01452 306296.
You have the right to complain to the Information Commissioners Office (ICO)
(www.ico.org.uk) however, we would appreciate the opportunity to talk with you first in line with our company values of trust and goodwill and learning from the experience.
The aims of our policy is to present in a simple language how we use and process your data and how we safeguard your data at all times.
Our data protection policy has bee revised on 23rd May 2018 in line with the General Data Protection Regulation (GDPR).
It is important that we keep data current and live so please do update us if your data changes.
When you leave our website please check the privacy notices for each individual website.
Information that Flexicare Home Services UK Ltd need to collect from you in order to remain compliant with the Care Quality Commission (CQC).
- Identity Data : Name/address/ date of birth/ For Personal Assistants: Birth Certificate/marriage certificate/passport details.
- Special Categories of Personal Data: information about your medical conditions, medical health, medication requirements, and moving and handling requirements. Also any data we may require to ensure that we meet CQC fundamental standards and to deliver safe/effective/responsive/compassionate and well-led care/support. (CQC/2018.)
DNR instructions (Do Not Resuscitate) and Advanced Directives/Care Plans.
- Contact Data: This includes you contact details/email addresses/invoice addresses/Financial/Health Power of Attorney details.
- Transaction Data: details of payments from and to you.
- Aggregated Data: We may also collect aggregated data for research purposes (Centre for Practical Innovation in Care).
- Special Categories of Data may also be collected to meet CQC standards.
How your personal data is collected.
- Direct Interactions to include: assessments/interviews for Personal Assistants/completion of forms/ correspondence by phone/post/email or otherwise/marketing materials/website data completion. This list is not exhaustive however full data safeguards will be undertaken at all times.
- Automated Data: as and when you interact with our website we may collect data from you in the form of an enquiry.
- Third Party: We may receive data from the public authorities that we work with in order to provide sustainable safe/effective/responsive/compassionate and well-led care/support this may be: commissioners/procurement professionals/social workers/consultants/General Practitioners/District Nurses /Physiotherapists/Occupational Therapists/Dieticians or any public authority with data relevant to our care/support service.
How we will use your information.
We will ONLY use your data in the following circumstances.
- Where you having given us your consent to hold your data.
- Where we need to enter into a contract with yourself to deliver our company services.
- Where we need to comply with our legal regulators the Care Quality Commission.
- Where it is necessary for compliance with your vital interest.
- Where it is necessary for our legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interests.
|Purpose / Activity of Data.||Type of Data||Lawful basis.|
|To register you as a new Client||identity / contract||Contract with you|
|To process and deliver your services||identity / contract||Contract / legal|
|To manage our relationship with you||identity / contract / communications||To meet legal and CQC legal requirements|
Change of Purpose: We will only use your data for the purposes for which it is collected unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your data for an unrelated purpose we will notify you and explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent in compliance with the above rules where this is required or permitted by law.
Client/Citizen/Personal Assistant Confidentiality.
Your medical data and any sensitive data will be confidential at all times and only accessible to employees of the Company who are contracted for the specific purpose of either providing a service of community care/support or management of the service.
We will never disclose this data unless legally required to by law.
We are committed to protecting and respecting your privacy, and using technology to enhance your online security.
Storing Your Personal Data.
By providing your data to us we will abide by our promise to transfer, secure and process your data in a confidential way at all times.
We will do our utmost to ensure that all reasonable steps are taken to make sure that your data is transferred and stored securely.
We have put in place procedures to deal with any suspected data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.
We have the following in place to protect your data:
- Your consent is always obtained PRIOR to obtaining and securing your data.
- All office based and portable computers/ipads are password protected.
- Pass Genius (Everylife Technologies) have all your data secured safely in the cloud and access to the system is tightly controlled by authorised personnel.
- All paper records are stored in locked fireproof cabinets.
- Shred it machines are used for all paper disposal shredding.
- Personal Data is not kept Any longer than required.
Your consent is always achieved prior to accepting and storing your data.
- Minimal Data is collected in order for our contract with you to be fulfilled.
- We limit your data strictly to employees, agents, or public authority required to fulfil our legal contract.
- All staff are trained to minimum Care Certificate Standards( 14 Handling information) and management are trained in their role as Data Controllers or Data Processors.
- All staff sign a Company “Confidentiality Policy” on induction.
- All our Operating systems are icloud based and backed up in the cloud.
How long will we keep your data for:
- We will only keep your data for as long as necessary to fulfill the required purpose of either reporting, legal or accounting.
- Following this, we will safely dispose of your data securely in line with our company policy.
- In order to determine the appropriate retention period for personal data, we will consider the following: amount/ nature and sensitivity of the data and the potential risk of harm from unauthorised use or disclosure of your personal data.
- We will also consider the purpose by which we process your personal data and whether we can achieve those purpose through other means, and the applicable requirements.
Your Legal Rights as a Client/Citizen/Personal Assistant with Flexicare Home Services UK Ltd.
- Request Access to your data (subject access request). This enables you to have access to the data we are holding and to check that we are lawfully processing it/who we have shared with/and how long we envisage storing the data.
- Request Correction: Request correction of any personal data we hold about you.
- Request erasure of your personal data/This enables you to delete or remove data where there is no reason for us to continue processing it.
- Object to processing: You have the right to object to any handling processing or storing of data that infringes your fundamental rights and freedom.
- Request restriction of personal data: You are entitled to suspend any data you feel is inaccurate
- Request the transfer of data: You have the right to ask for your data to be transferred as part of your contract with the Company.
- You may withdraw your “consent for data holding” at any time.
We will ensure Your data is safeguarded at all times with the highest possible
standards… Jeanette Phillips. (Data Protection Officer).