Privacy Policy

Venn Care Limited
October 2025

  1. Who We Are

Venn Care Limited (“we”, “our”, “us”) is a residential care home providing accommodation, personal care, and support services to our residents. We are committed to protecting and respecting your privacy.

We are a Data Controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

  • Company name: Venn Care Limited
  • Contact email: [email protected]
  • Telephone: 01822 612322
  1. Whose Information Do We Collect?

We collect and process personal data relating to:

  • Residents (current, former, and prospective)
  • Family members and next of kin
  • Staff and job applicants
  • Suppliers and professional contacts
  1. What Information Do We Collect?

Depending on the relationship, the types of personal data we may collect include:

For residents:

  • Name, date of birth, gender, contact details
  • Health and care information (medical history, medications, care plans, GP details)
  • Financial details for payment of care fees
  • Next of kin and emergency contacts
  • Records of care and daily living activities

For family members/representatives:

  • Contact details
  • Relationship to resident
  • Financial guarantor details (if applicable)

For staff/job applicants:

  • Contact details, employment history, qualifications
  • References and DBS checks
  • Payroll, pension, tax and HR records

For suppliers/professionals:

  • Contact details, business details, and contractual information
  1. How We Collect Information

We may collect data:

  • Directly from you (via forms, correspondence, applications, or phone calls)
  • From healthcare professionals, local authorities, or referral agencies
  • From family members or legal representatives
  • From publicly available sources where appropriate
  1. Why We Use Your Information (Legal Basis)

We process personal data under the following lawful bases:

  • Contract – to provide care services and employment contracts.
  • Legal obligation – to meet regulatory requirements (e.g., CQC, safeguarding, health & safety, HMRC).
  • Vital interests – where necessary to protect life or health.
  • Legitimate interests – to manage and improve our care services.
  • Consent – where we rely on your explicit consent, e.g., for sharing certain health or marketing information.
  1. How We Use Your Information

We may use your personal data to:

  • Deliver safe and effective care to residents
  • Maintain accurate health and care records
  • Communicate with families, representatives, and professionals
  • Manage staff employment and payroll
  • Fulfil legal and regulatory obligations
  • Maintain records of incidents, safeguarding concerns, and complaints
  • Improve the quality of care we provide
  1. Sharing Your Information

We will only share personal data where necessary and with appropriate safeguards, including with:

  • Health and social care professionals (GPs, hospitals, pharmacists, local authorities)
  • Regulators such as the Care Quality Commission (CQC) and Local Authority Safeguarding Teams
  • Payroll, pension, and HR service providers (for staff)
  • Professional advisers (lawyers, accountants, insurers)
  • Law enforcement agencies if required by law

We do not sell personal data to third parties.

  1. International Transfers

We do not routinely transfer personal data outside the UK. If we ever need to, we will ensure appropriate safeguards are in place in line with UK GDPR.

  1. How Long We Keep Your Information

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal, contractual, and regulatory requirements. Examples include:

  • Care records – minimum 8 years after care ends (NHS guidance)
  • Staff records – 6 years after employment ends
  • Financial records – 6 years for tax purposes
  1. Your Rights

Under UK GDPR, you have the following rights:

  • The right to be informed about how your data is used
  • The right of access to your data
  • The right to rectification of inaccurate data
  • The right to erasure (“right to be forgotten”) in certain circumstances
  • The right to restrict or object to processing
  • The right to data portability
  • Rights in relation to automated decision-making and profiling (we do not use automated profiling)

To exercise your rights, please contact us using the details above.

  1. How We Protect Your Information

We use appropriate technical and organisational measures to protect personal data, including:

  • Secure electronic care records and password-protected systems
  • Restricted access based on job role
  • Regular staff training on data protection and confidentiality
  • Secure storage and disposal of paper records
  1. Complaints

If you have any concerns about how we handle your data, please contact us in the first instance.

You also have the right to complain to the Information Commissioner’s Office (ICO):

  • Website: www.ico.org.uk
  • Helpline: 0303 123 1113
  1. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. The most current version will always be available in our care home and on request.