PRIVACY POLICY
1. Introduction and General Information
Welcome to the website privacy policy for Home at Peace Ltd (“we”, “us”, or “our”). We respect your privacy and are committed to protecting your personal data.
This privacy policy informs you how we look after your personal data when you visit our website (regardless of where you visit it from) and tells you about your privacy rights and how the law protects you. This policy applies to our digital operations and works in conjunction with our internal Data Protection and UK GDPR Policy.
- Data Controller: Home at Peace Ltd
- Office Address: 5 Brayford Square, London, E1 0SG
- Data Protection Officer (DPO): Carol Henry
- Operational Oversight: Carol Henry (Registered Manager)
- Contact Number: 0207 870 8162
2. The Data We Collect About You
Personal data means any information about an individual from which that person can be identified. We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data: Includes first name, maiden name, last name, username or similar identifier, and marital status.
- Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
- Technical Data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Usage Data: Includes information about how you use our website, products, and care services.
- Marketing and Communications Data: Includes your preferences in receiving communication or newsletters from us.
2.1 Job Applicants and Service Enquiries
If you use our online portal to apply for a vacancy or submit a care enquiry, we will process your data in line with our specialized Job Applicant & Recruitment Privacy Notice or our core service intake procedures.
3. How Is Your Personal Data Collected?
We use different methods to collect data from and about you, including through:
- Direct Interactions: You may give us your Identity and Contact Data by filling in online forms or by corresponding with us by post, phone, email, or otherwise. This includes personal data you provide when you enquire about our domiciliary care services, apply for a job, or request marketing material.
- Automated Technologies or Interactions: As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies and other similar technologies. Please see our Cookie Policy for further details.
4. How We Use Your Personal Data (Lawful Basis)
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Consent: Where you have given clear, explicit consent for us to process your personal data for a specific purpose (e.g., submitting an online contact form).
- Performance of a Contract: Where we need to perform a contract we are about to enter into or have entered into with you regarding domiciliary care delivery.
- Legal Obligation: Where we need to comply with a legal or regulatory obligation (such as tracking data for the Care Quality Commission or the Information Commissioner’s Office).
- Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., managing and securing our online web infrastructure).
5. Disclosures of Your Personal Data
We do not sell, rent, or trade your personal data with third parties for commercial marketing purposes. We may share your personal data with internal personnel strictly to answer your enquiries (such as our recruitment team or care coordinators).
We may share your data with external third parties only under strict compliance guidelines:
- Service providers acting as processors who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors, and insurers.
- Regulators and authorities, such as the Care Quality Commission (CQC) or the Information Commissioner’s Office (ICO), who require reporting of processing activities in certain circumstances.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not transfer your personal website data outside the United Kingdom.
6. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so within 72 hours.
7. Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or regulatory reporting requirements.
Details of retention periods for different aspects of your personal data are available in our internal Data Clearance Policy (MF 68). General website enquiry data from non-active clients is securely deleted after 6 months.
8. Your Legal Rights Under UK GDPR
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:
- Request access to your personal data (Subject Access Request).
- Request correction of your personal data.
- Request erasure of your personal data (“Right to be Forgotten”).
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data (Data Portability).
- Right to withdraw consent at any time.
If you wish to exercise any of the rights set out above, please contact our Data Protection Officer, Francesca Baker. You will not have to pay a fee to access your personal data, and requests will be completed within one calendar month.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
