We ask that you read this Privacy Notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and other organisations in the event you have a complaint.
We are 1st Homecare. The full name of the company through which we provide services in Oxford and the surrounding area is 1st Homecare (Oxford) Limited., in Leighton Buzzard and the surrounding area the company is 1st Homecare Solutions Limited., and in Kings Langley in Hertfordshire, it is 1st Homecare Kings Langley (a branch of 1st Homecare Solutions Limited).
As a provider of social care and support services, we collect and use certain personal information about our clients.
When you enquire about our care and support services, and for so long as we provide care and support services to you, we collect and use some or all of the following personal information (depending on what is relevant):
3.1 Our responsibilities as “controller”
We are what is called the ‘controller’ of the personal information we collect regarding you, and we are responsible for how that information, or “data” is managed. The General Data Protection Regulation (“GDPR”) sets out our obligations to you and your rights in respect of how we manage your personal information.
As the ‘controller’ of your personal information, we will ensure that the personal information we hold about you is:
3.2 How we use your personal information
We use your personal information to:
3.3 Who we share your personal information with
We only share your personal information with third parties where it is strictly necessary in order to provide you with the care services we have undertaken to provide, or as a requirement placed upon us as a care provider by law. Our starting point is that information we hold regarding you will be kept confidential in accordance with the terms of our Confidentiality Policy, however, in order to provide care services to you that meet your needs, we may share personal information with the wider team involved in your care. For example, we share your medical information with appropriate external social or health care professionals (including your GP and pharmacist), and we also share information relating to you and to the care we provide to you, with any individuals you have nominated as your representative, with any Attorney you have appointed, and/or with your family, where this is appropriate. This data sharing enables us to establish the type of care and support you need, and to ensure you have the right care package to suit your individual circumstances and your changing needs. Were you to change care provider at any point, we may also need to share information with the incoming care provider to ensure that you continue to receive the care and support you need.
We will share personal information with regulatory bodies, law enforcement bodies or other authorities if required by law. This includes information required by public bodies to evidence our compliance with the applicable regulatory framework for social care providers and/or compliance with a contract with a public body to provide services. We are also required to share personal information with external social or health care professionals, including public bodies and local safeguarding groups (in some circumstances) to ensure your safety.
In order to be able to provide you with care services, we have contracts with third parties for the use of rota planning and care delivery software, and for cloud-based data storage (as we operate on a “paperless” basis). These third parties also comply with the terms of the GDPR including with regard to security measures.
We will not share your personal information with any third party who is not involved in the provision of care services to you. We will not sell or trade any personal information regarding you.
We rely on one or more of the following grounds within the GDPR as the lawful bases on which we collect and use your personal data and special category data (such as your health):
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. Where third parties process personal information on our behalf for the purposes of providing you with care and support services, they also have security measures in place and their staff are under a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
In order to provide our clients with care services, we use third parties, which include a cloud-based storage platform, to store and process our client records and also for our care planning and rota planning processes. These third parties may store your data outside the European Economic Area, including in the United States. We have satisfied ourselves that these third parties have appropriate systems and safeguards in place to protect your privacy rights and give you remedies in the unlikely event of any misuse of personal information, as permitted under the GDPR. We will not otherwise transfer or permit the transfer of your personal data outside of the UK. If you would like any further information, please contact us.
Under the GDPR you have a number of important rights free of charge. In summary, this includes rights to:
For further information on your rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of your rights, please:
Without information regarding your medical, physical, or mental condition, we cannot assess your care needs or provide any care services to you.
The provision of your name, home address, information on accessing your home and also your telephone number(s), is required so that we can arrange a care worker or workers to attend your home to deliver the services. Information on your key contacts is required so that we can contact them in an emergency situation and/or to be able to provide you with the care and support services you need.
We will hold information for as long as we need in order to comply with our legal and regulatory requirements. We will normally hold the personal information kept within your client file for 3 years from the last date on which we provide you with care services.
We hope that we can resolve any query or concern you raise about our use of your information. In the first instance, you can raise a concern using our complaints procedure, which is included in your client handbook given to you when we first start providing services to you.
The GDPR also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
We may change this privacy notice from time to time, when we do we will inform you via email or letter, depending how we normally correspond with you.
If you would like this notice in another format (for example: audio, large print) please contact us (see ‘How to contact us’ above).
If you have any questions about this privacy notice or would like further explanation as to how your personal information is managed, please send an email to us, write to us or call the Office.
Please note when we refer in the above notice to:
Updated: April 2023