How We Use Your Information
1. About Us
We are Staywell Care Services Ltd, a regulated care provider delivering home‑care services.
Address: Room 2a, Station House, 1 Pembroke Broadway, Camberley, Surrey, GU15 3XD
Phone: 07393 489266
Email: admin@staywellcare.co.uk
Data Protection Officer: George Tsungu
We are committed to protecting your privacy and handling your personal information in a safe, lawful and transparent way.
2. Who This Notice Applies To
This Privacy Notice explains how we process personal data for:
- Clients receiving care and support
- Staff including employees, workers, volunteers, contractors
- Visitors to our website or premises
- Third parties whose information may be provided to us (e.g., family members, advocates, professionals)
3. The Information We Collect
3.1 Clients
We may collect:
- Identification details (name, date of birth, NHS number)
- Contact details
- Health and medical information
- Care plans, assessments, daily notes
- Information from family, advocates or professionals
- Financial information (e.g., direct payments)
- Safeguarding records
- CCTV images (if used)
3.2 Staff
We may collect:
- Identification and contact details
- Right‑to‑work documents
- Employment history, references
- DBS checks
- Payroll, tax and pension information
- Training and qualification records
- Sickness, absence and HR records
- Performance, supervision and disciplinary information
- Incident involvement
- CCTV images (if applicable)
- Digital system usage logs (security)
4. Why We Use Your Information
4.1 Clients
We process your data to:
- Assess, plan and deliver your care
- Ensure your health, safety and wellbeing
- Meet legal and regulatory obligations (CQC, safeguarding, local authority)
- Communicate with you, your family and professionals
- Manage incidents, complaints and quality assurance
- Maintain secure digital care records
4.2 Staff
We process your data to:
- Recruit, onboard and manage employment
- Meet legal obligations (HMRC, DBS, right‑to‑work, CQC)
- Manage payroll, pensions and benefit
- Provide training and development
- Investigate incidents or complaints
- Maintain secure systems and prevent fraud
5. Lawful Bases for Processing
- We rely on different lawful bases depending on the activity:
- Contract – employment contracts or private care agreements
- Legal obligation – safeguarding, employment law, HMRC, DBS
- Public task – delivering care commissioned by local authorities/NHS
- Vital interests – emergencies or life‑saving situations
- Legitimate interests – workforce management, rota planning, service improvement
- Consent – only for optional activities (e.g., photos for marketing)
- We do not rely on consent for essential care or employment processing.
6. Who We Share Your Information With
We may share relevant information with:
- Local authorities, NHS teams, GPs, district nurses
- Social workers, mental‑health teams, OTs
- Regulators (CQC)
- HMRC, DBS, pension providers (staff)
- Approved digital care systems (e.g., Nourish, Access)
- Training bodies
- Emergency services
- Advocates or legal representatives (with permission)
- We never sell your data.
7. International Transfers
If any digital system stores data outside the UK, we ensure appropriate safeguards such as:
- UK adequacy regulations
- Standard Contractual Clauses
- Additional technical and organisational protections
8. How Long We Keep Your Information
- Client care records: typically 7–8 years after service ends
- Staff personnel files: 6 years after employment ends
- Payroll/tax records: 6 years
- DBS information: retained only as permitted by law
- Safeguarding or legal matters: longer where required
9. Your Rights
Under UK GDPR, you have the right to:
- Access your information
- Request corrections
- Request deletion (where legally possible)
- Restrict processing
- Object to certain processing
- Data portability (limited cases)
- Withdraw consent (where used)
- Complain to the ICO: www.ico.org.uk
We will respond to all rights requests within one month.
10. Where We Get Your Information
We may receive information from:
- You directly
- Family members or representatives
- Local authorities or NHS teams
- Health professionals
- Recruitment agencies (staff)
- Referees
- Previous care providers
- Internal systems
11. How We Protect Your Information
We use a range of technical and organisational measures including:
- Encrypted digital care and HR systems
- Role‑based access controls
- Secure storage and disposal
- Staff training in data protection
- Regular audits and monitoring
- Incident and breach reporting procedures
12. Contact Us
If you have questions about this Privacy Notice or how we use your information, contact:
Staywell Care Services Ltd
Email: admin@staywellcare.co.uk
Phone: 07393 489266