Our privacy promise to you
We ask that you read this privacy promise carefully as it contains important information on who we are and how we collect, use, store and share personal information. It outlines your rights and how to contact us and other relevant organisations in the event you have a complaint.
Who we are
We are Stephen Support Services Ltd trading as Clements Healthcare, registered number 09680966 , registered address 13 Carters Green , west Bromwich , B70 9QP
As a ‘data controller’, we are responsible for how we manage this information. The General Data Protection Regulation (GDPR) applies to the personal information of every UK or European citizen and sets out our obligations and your rights.
All our data processing activities are monitored by our appointed Data Protection Officer to ensure that the information we collect is:
- Used lawfully, fairly and in a transparent way
- Relevant and for reasons that we have told you about
- Accurate and up to date
- Kept only for as long as it is needed
- Kept securely
Customer Privacy Promise
Information collected by us
We define personal information as information about you or that make you identifiable to others. This falls into two categories:
- Personal Data such as your name, address, email address, contact information, financial information, health and lifestyle details (including opinions and intentions) relevant to the services we are providing.
- Special Category Data such as information relating to your health, medical history, treatments both current and to be prescribed.
We collect this information:
- When you make enquires about our care and support services through our website, telephone, email, post, face to face or social media.
- Through audio recordings of telephone calls to and from our office and branch teams.
- By written correspondence by email or post.
- Through service providers (data processors) who are contracted by us to deliver:
Information collected from our website
We collect device identifiers such as internet protocol (IP) addresses and information about the web pages visited, the type of device and software. This is used for statistical and analytical purposes to improve your customer journey and experience.
Our website may also provide links to other websites which have their own privacy policies. We do not accept any responsibility or liability should you access or use these links.
Visit https://www.getsafeonline.org/get-safe-top-10/ to find out more about protecting your information and staying safe online.
Information collected from other sources
We obtain additional information about you from third parties such as social and healthcare professionals and public bodies.
A ‘public body ‘being any organisation in the United Kingdom which delivers, commissions or reviews a public service and includes (but is not limited to) the Ombudsman, local authorities, councils, unitary authorities, clinical commissioning groups, health and social care trusts, the National Health Service as well as their arm’s length bodies and regulators.
A ‘social or health care professional‘ any person who provides direct services, acts as consultant or is involved in the commission of your healthcare or social care services, including (but not limited to) your general practitioner (GP), dental staff, pharmacists, nurses and health visitors, clinical psychologists, dieticians, physiotherapists, occupational therapists, hospital staff, social workers and other care and support related professionals.
We may also collect and use personal data and other information about other people that contribute to or affect your care and support needs such as next of kin, power of attorney or emergency contact.
Purpose for collecting and using your personal information
We process your information in different ways under the following legal bases:
- Where processing is conducted with your consent for specified purposes
- Where processing is necessary for the performance of our contracts
- Where processing is necessary for us to demonstrate compliance with the law and regulatory frameworks
- When processing in pursuit of legitimate interests for:
- Direct marketing communications to customers and potential prospects (with the option to unsubscribe at any time)
- Responding to call backs following enquiries and communications to customers (to include respite)
- Corporate due diligence and financial modelling, service development and innovation
- When processing special category (sensitive) data concerning health and biometrics, as is necessary for the provision of social care or the management of social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards
How we use your personal information
|We use your personal information to:||And we keep it for:|
|Prepare, assess, review and update care plans and records
Communicate with you, your representatives and other appropriate social or health care professionals about your needs or our concerns
Arrange care provision at your home to deliver your required service
Make reasonable adjustments to the care delivery, maintain safety and to personalise the service to meet your needs
10 years after the termination of contract or end of care
|Set up and manage payment arrangements for the care and support services you receive in accordance with our terms and conditions||5 years* from the end of the corresponding financial year
*direct debit forms are retained indefinitely against indemnity claims
|Record and manage complaints, compliments or concerns about the service we provide||8 years from closure of the case|
|Record details of accidents, incidents or near misses which occurs to you our employees||Accidents – 2 years
Minor incidents – 5 years
Serious incidents – 10 years
|Perform contractual and compliance procedures with other care providers and public bodies involved in your care delivery||–|
|Send you information or offer on similar or relevant services following a request or enquiry which you can opt out from at any time||–|
|Notify you about changes to terms and conditions, tariffs, service delivery or interruptions which are relevant to you as part of our terms and conditions||–|
|We may monitor telephone calls for training and compliance through our telephony system only||6 months|
|Conduct market research to review our service and improve our customer experience through feedback/review requests. Please note that this feedback can also be given anonymously||6 months|
|We will get consent for the following:|
|With your explicit consent, we may also post images and content about you to promote our social media platforms, events, print and digital publications||3 years with options to review and extend with further consent|
|With your explicit consent, we may send you news or email communication from time to time about our||Termination of contract or end of care|
Sharing your personal information with others
We share appropriate information with:
- External social and health care professionals and any individuals that you nominated as your representative or who have a legal entitlement. At your request, we would share information with another an alternative provider.
- Law enforcement authorities on request or following a court order
- Public bodies that require evidence of our compliance with contractual obligations and to satisfy regulatory frameworks.
- Local safeguarding Advisory Boards (SAB) regarding issues and concerns.
- Third party data processors and service providers who are contracted to support us
- Relevant internal Clements personnel to provide safe and effective services.
We will not sell or trade your personal information with other third party without your consent.
Sharing and transferring information outside the European Economic Area (EEA) International Transfers
We store and process your personal information on systems within the European Economic Area (EEA) with the same level of legal protection, privacy and rights as the UK.
In some circumstances, we use service providers who hold or transfer your personal information outside the EEA. In countries that do not have the same data protection laws as the United Kingdom and EEA, reciprocal arrangements are in place to demonstrate the same duty of care and confidentiality.
Keeping your personal information secure
The confidentiality and security of your information is of paramount importance to us. We have appropriate organisational and technical security measures in place to prevent personal information from being lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information do so under contract and are subject to a duty of confidentiality.
Any transfer of information is subject to appropriate safeguards designed to protect your privacy rights and give you recourse in the unlikely event of misuse of your personal information.
We have procedures in place to detect and respond to suspected data security breaches. We may notify you and any relevant authority as part of our data risk management and where we are legally obliged to.
You have rights over the way we use your information:
- You have the right to be informed about what information we collect and how it is used as outlined in this privacy promise.
- You have the right to ask for access to the information we hold on you. We would usually provide copies free of charge.
- You have the right to ask us to correct or update any information you think is incorrect or incomplete.
- You have the right to object to your information being used and/or withdraw consent.
- You have the right to ask us to stop using your information. This ‘right to be forgotten is only applied where there is no legal reason for us to continue to hold or use it.
- You have the right to object to any automated decision making. This could affect your ability to fully access our services.
- You have the right to ask us to stop using your information for marketing purposes by opting out at any point of the registration process or by updating your preferences once registered. The unsubscribe feature on our emails are actioned immediately but may take up to 14 days to complete.
- You have the right to ask us to transfer certain personal information or a copy of some of your information to you or to another organisation, including service providers, in a format they can use where this is technically possible, known as the ‘right to data portability’.
- You have the right to withdraw any permission you have previously given us to use your information.
For detailed information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation. If you would like to exercise a right, please contact the Compliance team at email@example.com or see the ‘how to contact us’ section.
How to contact us
If you have any questions about this privacy promise, your rights or wish to contact the Data Protection Officer, get in touch by:
- Email – firstname.lastname@example.org
- Post – 13 Carters Green , West Bromwich , B70 9QP
- Telephone – 0121 553 5303
How to complain
If you contact us, we hope to resolve any query or concern you raise about our use of your information.
The GDPR also gives you right to lodge a complaint with a supervisory authority within the European Union or EEA state where you work, reside or where any alleged infringement of data protection laws has occurred. The Information Commissioner Office (ICO) is the supervisory body in the UK and can be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this privacy promise
This privacy notice was first published on 21st May 2018, and last updated on th May 2020.
We may change this privacy promise and update our website from time to time.
Do you need extra help?
If you would like this privacy promise in another language or format such as audio, large print or braille, please contact us.