Privacy Policy

This organisation believes that all data, required for the delivery of the service and the lawful running of the organisation must be collected, handled, maintained and stored in accordance to the requirements of the Data Protection Act 2018.

Lawful Bases

After due consideration this organisation has determined that the following Lawful Bases are used in the collection of data:

Contract; Legal Obligation; Vital Interests; Legitimate Interests.

 

Data Protection Principles 

The General Data Protection Regulations (GDPR) upon which the Act is based sets out the following principles for which the organisation is responsible and must meet.  These require that personal data shall be:

  1. a) Processed lawfully, fairly and in a transparent manner;
  2. b) Collected for specified, explicit and legitimate purposes;
  3. c) Adequate, relevant and limited to what is necessary;
  4. d) Accurate and, where necessary, kept up to date;
  5. e) Retained only for as long as necessary;
  6. f) Processed in an appropriate manner to maintain security.

 

Individual Rights

There are several changes here in particular the Right of Access in relation to timescales and fees.  These must be fully understood in relation to anyone submitting a Subject Access request.

The GDPR provides the following rights for individuals:

 

Privacy Notices

This is a new requirement for data processing, it is an accessible information declaration which should set out clearly how we will gather, use, handle, store and process personal data.

As an organisation we are increasingly aware of the fragile trust which can be easily broken through data breaches and are therefore seeking transparency as a means of building trust and confidence with users of our services.  It is the spirit of the Act that privacy, transparency and control become a given for users.

 

File Retention

The GDPR sets out Guidance on files and retention including archiving, specifically Health and Social Care personal data is generally exempt.

As a provider of services, file and retention guidelines are in place from our Regulator which includes Care Inspectorate Wales and the NHS as well as Local Authorities via the Service Specification within any contractual arrangements.

 

Compliance

It is important that the Act is placed in the context of other compliance requirements namely The Regulated Services (Service providers) and (Responsible Individuals) (Wales) Regulations 2017.

 

Changes to our Privacy Policy

This policy has been updated to include the changes being implemented by the General Data Protection Regulations (GDPR) which are in place on 25/5/2018.  This policy will be reviewed tri-annually and updated when required.

 

Training Statement

This organisation is committed to the continuous improvement of its services and views staff learning and training as core to delivering a quality service.  The Regulated Services (Service Providers and Responsible Individuals) (Wales) Regulations 2017 and its accompanying Statutory Guidance makes clear the importance of ongoing professional development and training of the workforce.  We will continually review and revise our training in order to ensure that the Regulatory requirements are met.

 

CCTV

Our data processing includes the use of a CCTV system for the prevention of crime.  The system was installed to improve security of the home, since the residents are a vulnerable group.  The cameras are all located on the outside of the property.

 

Use of Cookies

On occasion, we may gather information about your computer for our services, and to provide statistical information regarding the use of our Website.

Such information will not identify you personally, it is statistical data about our visitors and their use of our site. This statistical data does not identify any personal details whatsoever. It is used by us to analyse how visitors interact with the Website so that we can continue to develop and improve this Website.

We may gather information about your general Internet use by using a cookie file that is downloaded to your computer. Where used, these cookies are downloaded to your computer automatically.  This cookie file is stored on the hard drive of your computer as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Website and the service that we provide to you.

All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular areas of our Website.

For more information on cookies you can read the guidance at All About Cookies.