Last Updated: 04 March 2025

At Inclusive Care Options Ltd, we are committed to safeguarding your privacy and protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect your personal data in accordance with UK GDPR, the Data Protection Act 2018, and relevant national data-sharing regulations.

Legal Basis for Data Processing

We process personal data under the following legal bases:

• Contractual Necessity – When processing is required to provide care services.
• Legal Obligation – When required by law or regulatory bodies such as the Care Quality Commission (CQC), NHS, or local authorities.
• Legitimate Interests – For operational purposes such as service improvement, risk management, and care coordination.
• Consent – When required for specific types of processing (e.g., marketing communications).

Information We Collect

We may collect and process the following types of personal data:

• Contact details (name, address, phone number, email).
• Personal and medical information necessary for care provision.
• Health records and medical history.
• Financial details for billing purposes.
• Emergency contact details.
• Communication preferences.
• Website interaction data and electronic form submissions.
• Information related to service feedback and inquiries.

How We Use Your Information

We process personal data for:

• Care delivery – Maintaining accurate health records and ensuring continuity of care.
• Billing and payments – Managing invoices and payments.
• Regulatory compliance – Meeting legal obligations set by CQC, NHS, and local authorities.
• Service improvement – Enhancing customer experience and staff training.
• Safety and security – Preventing fraud and protecting service users.
• Research and analysis – Conducting audits and quality assessments.

Data Sharing and National Data Sharing Compliance

We comply with national data-sharing agreements, including NHS and local authority regulations, ensuring data is shared securely for care coordination and public health purposes. Your data may be shared with:

• Healthcare professionals – GP, specialists, hospitals, and care teams.
• Third-party service providers – Software and IT providers assisting in secure data management.
• Regulatory bodies – NHS, CQC, and local authorities as required by law.
• Emergency contacts – When necessary for health and safety purposes.
• Law enforcement – If required by legal or regulatory obligations.

We ensure all third parties adhere to strict confidentiality and data security requirements.

Data Retention Policy

We retain personal data as follows:

• Health records: Minimum of 8 years after last care interaction (as per NHS guidelines).
• Financial records: 6 years for tax and regulatory compliance.
• Other personal data: Retained only as long as necessary for service delivery.
• Data is securely deleted or anonymized after the retention period.

Data Security

We implement robust security measures to protect personal data from unauthorized access, loss, or alteration. This includes:

• Encryption and secure storage systems.
• Access control measures for staff handling personal data.
• Regular audits and compliance checks.

However, no system is completely secure, and we encourage users to take necessary precautions when sharing sensitive data electronically.

Your Rights

Under UK GDPR, you have the right to:

• Access – Request a copy of your personal data.
• Correction – Update inaccurate information.
• Deletion – Request removal of personal data (subject to legal obligations).
• Restriction – Limit processing of your data in certain circumstances.
• Data portability – Receive data in a structured format for transfer.
• Objection – Object to processing based on legitimate interests.

To exercise these rights, please contact our Data Protection Officer (DPO) at contact@inclusivecareoptions.co.uk.

Complaints and Contact Information

If you have concerns about our data handling practices, you can:

• Contact our Data Protection Officer (DPO) at contact@inclusivecareoptions.co.uk.
• Lodge a complaint with the Information Commissioner’s Office (ICO) via www.ico.org.uk.

International Data Transfers

If we transfer data outside the UK or EU (e.g., cloud storage providers), we ensure compliance with UK GDPR through:

• Data Protection Agreements (DPA) with third-party providers.
• Standard Contractual Clauses (SCC) where necessary.
• Additional security safeguards to protect data integrity.

Updates to this Privacy Policy

We may update this policy periodically. The latest version will always be available on our website, and the “Last Updated” date will be revised accordingly.

By using our services, you consent to the terms outlined in this Privacy Policy.

Thank you for trusting Inclusive Care Options Ltd with your care and privacy.

 

Contact Us:
Email: contact@inclusivecareoptions.co.uk