This privacy notice is for this website; oystercarehomes.co.uk and served by Oyster Care Homes Limited, registered address Helios 47 Isabella Road, Garforth, Leeds, West Yorkshire, United Kingdom, LS25 2DY and governs the privacy of its users who choose to use it. It explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) [pre GDPR enforcement] and the PECR (Privacy and Electronic Communications Regulations).
This notice explains how we process, collect, manage and store personal data and how you can exercise your rights under the UK GDPR. Additionally it will explain the use of cookies or software, advertising or commercial sponsorship from third parties and the download of any documents, files or software made available to you (if any) on this website. Further explanations may be provided for specific pages or features of this website in order to help you understand how we, this website and its third parties (if any) interact with you and your computer / device in order to serve it to you. Our contact information is provided if you have any questions.
How do we get your information?
We get information about you from the following sources:
• Directly from you
• Someone acting on your behalf
What Personal Data we process and why
We use the following information depending on the nature of your visit:
• Personal contact details such as name, contact telephone number, personal email addresses
• Call recordings
• Health screen information to protect residents and colleagues, if relevant
• Vehicle registration
• Proof of identity
We process your personal data to:
• Respond to enquiries and complaints
• Training and monitoring purposes to improve the service
• For website visitors, to process your enquiry
• To protect residents and staff
1. Lawful basis for processing your personal data
1.1 Depending on the processing activity, we rely on the following lawful basis for processing your personal data under the UK GDPR:
• Article 6(1)(a) with your consent
• Article 6(1)(b) for processing necessary for the performance of a contract
• Article 6(1)(d) in order to protect your vital interests or those of another person
• Article 6(1)(f) for the purposes of our legitimate interests
1.2 Special categories of personal data. Where the information we process is special category data, the additional bases for processing that we rely on are:
• Article 9(2)(a) which relies on your explicit consent
2. How long we keep your personal data
2.1 We will only keep your information for as long as we have a purpose for doing so. Further information about how long we hold your personal data is contained in our Record Retention & Disposal (RR&D) Policy and our RR&D Schedule.
3. Data Sharing
3.1 In some circumstances, such as under a court order, we are legally obliged to share information. We may also share your information with third parties, including government agencies, and external auditors. Examples of who we may share your information with include:
• Independent external auditors who monitor compliance
Regulators
• Those who may require personal data to protect an individual (in life and death situations for example)
4. Do we use any data processors
4.1 Data processors are external organisations who provide certain services to us. We have contracts in place with them and they cannot do anything with your personal information unless we have instructed them to do so.
5. Your rights in relation to this processing
5.1 You may exercise the rights available to you under data protection law as follows:
• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling
5.2 You can read more about these rights at:
https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/
5.3 To exercise any of these rights, please contact the Privacy Officer. We respond to all requests we receive from individuals wishing to exercise their data subject rights in accordance with applicable data protection laws.
6. Transfers of personal data
6.1 We do not routinely transfer staff personal data outside of the UK but when this is necessary, we ensure that we have appropriate safeguards in place as required by the UK GDPR.
Use of cookies
This website uses cookies to improve the users experience while visiting the website. As required by legislation, where applicable this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device.
What are cookies? Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Website visitor tracking
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Downloads and media files
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti virus software or similar applications.
When downloading a brochure, you will be asked to provide your e-mail address. We will add this to our mailing list and contact you to share further information about the Care Home you are enquiring about. When you receive an e-mail, if you are unhappy to continue receiving information and updates, please do respond and request to be taken off the mailing list.
Contact and communication with us
Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The Notice’ above.
Email mailing list and marketing messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
Our EMS (email marketing service) provider is Mailchimp. You can read their privacy policy in the resources section.
External website links and third parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.
Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social media policy and usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
Resources and further information
Overview of the GDPR – General Data Protection Regulation
Privacy and Electronic Communications Regulations 2003
The Guide to the PECR 2003
X (formerly Twitter) Privacy Policy
Facebook Privacy Policy
Google Privacy Policy
Linkedin Privacy Policy
Mailchimp Privacy Policy