Data Protection Policy

Effective Date: 7-12-2024

At Connect and Care, we are committed to protecting the privacy and confidentiality of all personal data that we collect, process, and store. Our Data Protection Policy outlines how we ensure compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, safeguarding the rights and privacy of individuals.

1. Scope

This policy applies to all personal data processed by Connect and Care, including data relating to service users, employees, contractors, and any other stakeholders.

2. Principles of Data Protection

We adhere to the following principles in line with the UK GDPR:

  1. Lawfulness, Fairness, and Transparency: Personal data is processed lawfully, fairly, and transparently.

  2. Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.

  3. Data Minimization: We collect only the data necessary for the intended purpose.

  4. Accuracy: Personal data is accurate and kept up to date.

  5. Storage Limitation: Data is retained only for as long as necessary and securely deleted thereafter.

  6. Integrity and Confidentiality: Personal data is processed in a manner that ensures security, protecting it from unauthorized access, loss, or damage.

  7. Accountability: Connect and Care takes responsibility for compliance with these principles and maintains evidence of adherence.

3. Types of Data We Collect

We may collect and process the following types of personal data:

  • Service Users: Contact information, health and care records, emergency contacts, and payment details.

  • Employees: Contact details, employment records, payroll information, and training certifications.

  • Others: Any relevant information necessary for delivering our services.

4. How We Use Personal Data

Personal data is used for:

  • Delivering high-quality care services.

  • Complying with legal and regulatory requirements.

  • Managing employment and contractual relationships.

  • Communicating effectively with service users and their representatives.

5. Data Security Measures

We implement robust measures to ensure the security of personal data, including:

  • Encryption of sensitive data during transmission and storage.

  • Restricted access to personal data based on role-specific needs.

  • Regular staff training on data protection and cybersecurity.

  • Use of secure IT systems and regular audits of data practices.

6. Data Sharing

We only share personal data when necessary and in line with legal obligations. This includes:

  • Sharing with healthcare professionals and regulatory bodies when required.

  • Disclosure to third-party providers under strict confidentiality agreements.

We do not sell personal data to any third parties.

7. Rights of Individuals

Under the UK GDPR, individuals have the following rights regarding their personal data:

  • Right to Access: Request a copy of their personal data.

  • Right to Rectification: Request corrections to inaccurate or incomplete data.

  • Right to Erasure: Request deletion of their data under certain conditions.

  • Right to Restrict Processing: Limit the processing of their data in specific situations.

  • Right to Data Portability: Request transfer of their data to another service provider.

  • Right to Object: Object to data processing for specific purposes.

  • Right to Lodge a Complaint: File a complaint with the Information Commissioner’s Office (ICO).

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory requirements.

9. Reporting Data Breaches

In the event of a data breach, Connect and Care will:

  • Notify the affected individuals where there is a risk to their rights and freedoms.

  • Report significant breaches to the ICO within 72 hours.

10. Review and Updates

This policy will be reviewed annually or whenever there are changes to applicable data protection laws.

Contact Us

If you have any questions about this policy or wish to exercise your data protection rights, please contact us at:

Connect and Care


Email: Administration: admin@connectandcare.co.uk

Human Resources: Hr@connectandcare.co.uk

Phone: Salisbury Office: 07305552665 Kent Office: 07722002616