Privacy Policy - 23rd May 2018

Conniston Care Limited, often referred to as (We/Us) in this policy, recognise our obligations under data protection legislation and we are committed to preserving the privacy of your personal data.

This Privacy Notice explains what happens with any personal data we gather from you in relation to:

your use of this website,

your contract with us, e.g. your residency contract with us,

any enquiries or information you submit to us.

You should read this Privacy Notice so that you understand how we will handle your personal data.

Our aim is to only use and hold your personal data in ways that you would reasonably expect us to.

We reserve the right to amend this Privacy Notice from time to time. If we amend this Privacy Notice, we will make you aware of this via updates posted on our website.

If you have any questions regarding this Privacy Notice or how we process your personal data please contact our Data Protection Officer at the following email address:

Who we are

We are Conniston Care Limited based at The Dairy, Criftin Enterprise Centre, Oxton Road, Epperstone, Nottinghamshire, NG14 6AT. Our registration number with the Information Commissioner's Office is ZA180896.

How do we collect your personal data?

We may collect personal data about you from the following sources:

  • Information you provide to us via our website or in person
  • Information provided to us by third parties, e.g. your GP, Hospital, relatives, carer.

What personal data do we gather about you?

Personal data represent any information about an individual from which that individual can be identified. They do not include data from which an individual cannot be identified, for example, anonymised data.

The types of personal data we may collect, use, store and transfer in relation to you may consist of the following:

Data Subject Type of Personal Data Separate Category Data
Website visitor or website user
IP address, e-mail address, telephone number N/A
Name, address, telephone number, date of birth, next of kinHealth records, racial/ethnic details, religious beliefs
Individual making enquiries or/ submitting informationName, address, e-mail address, telephone numberN/A

How do we store your personal data and keep it secure?

We use reasonable and up to date security methods to:

  • keep your data secure
  • prevent unauthorised or unlawful access to your personal data
  • prevent the accidental loss of or damage to your personal data.

All personal data you provide to us are stored on our secure servers and in secure filing systems.

We have in place policies, procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction including procedures to deal with a security breach.

We will ensure your personal data are only accessible by those who need to see it for their specific role.

We will only transfer your personal data to a third party if (a) it is deemed necessary to fulfil our support, obligations and services to you and (b) that third party agrees to comply with our procedures and policies or if they have put in place equivalent policies and procedures of their own.

How and why we will use your personal data?

We will usually only process your personal data where:

  • you have given your consent
  • the processing is necessary for the performance or entry of a contract between us
  • the processing is necessary to comply with our legal obligations
  • the processing is necessary to protect your vital interests
  • the processing is necessary for the provision of health or social care
  • the processing is necessary for our legitimate interests or those of third parties.

Where the legal reason for processing is the performance of a contract with you, if you do not provide relevant personal data we will not be able to fulfil our contractual obligation(s) to you and this may have a detrimental impact on you.

How do we keep your personal data accurate?

We will keep the personal data we store about you accurate and up to date.

We will take every reasonable step to erase or rectify inaccurate data without delay.

Please tell us if your personal details change or if you become aware of any inaccuracies in the personal data we hold about you.

We will contact you if we become aware of any event which is likely to result in a change to your personal data.

How long will we keep your personal data?

We will not keep your personal data for longer than is necessary for the purpose(s) for which we process them.

This means that data will be destroyed or erased from our systems when they are no longer required.

For guidance on how long certain data are likely to be kept before being destroyed, contact our Data Protection Officer.

What rights do you have in respect of your personal data?

You have the right to:

  • request access to any personal data we hold about you;
  • request that any inaccurate personal data which we hold about you are rectified;
  • request to have your personal data erased;
  • request to have the processing of your personal data restricted (for example, if you think the personal data we hold about you is inaccurate, you can ask us to stop processing them until we will either correct them or confirm they are accurate);
  • request the transfer of your personal data to another data controller;
  • object to certain types of processing, including processing based on legitimate interests, automated processing (which includes profiling) and processing for direct-marketing purposes; and
  • withdraw consent to the processing of your personal data (where the legal reason for the processing of your personal data was your consent).

If you wish to exercise any of the rights set out above, you must make the request in writing to our Data Protection Officer. Please note, some of these rights are restricted in some circumstances.

Automated decision-making

We do not conduct automated decision making (including profiling) in connection with your personal data.

Who will have access to the data we hold?

Our personnel who need to access your personal data will view it in order that we can provide our services to you.

All of our personnel have received data protection training and understand the need to keep your personal data confidential and to use them only for legitimate purposes.

IMPORTANT: As a matter of course, we do not sell or rent personal data which you provide to us. Equally, we will never purchase data from third parties as part of day-to-day operations.

However, we may disclose your personal information to third parties:

  • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if we or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets; and
  • if we are under a duty to disclose or share your personal data in order to comply with legal obligations or to protect the rights, property or safety of others. This includes exchanging personal data with other companies and organisations for the purposes of fraud protection and credit risk reduction.

If your personal data are provided to any third parties, you are entitled to request details of the recipients of your personal data or the categories of recipients of your personal data.

We carry out due diligence on our service providers/group companies/other third parties and make sure we have a contract with them which satisfies the requirements of data protection legislation.

Apart from the situations referred to above, we will not disclose your personal data to a third party without your consent unless we are satisfied that they are legally entitled to access your personal data.

Transferring your data outside the European Economic Area (EEA)

We will not transfer your personal data outside the EEA unless such transfer is compliant with data protection legislation.

This means that we cannot transfer any of your personal data outside the EEA unless:

  • the EU Commission has decided that another country or international organisation ensures an adequate level of protection for your personal data;
  • the transfer of your personal data is subject to appropriate safeguards, which may include binding corporate rules or standard data protection clauses adopted by the EU Commission; or
  • an exception applies (including if you explicitly consent to the proposed transfer).


Our website may use cookie based tracking software to record the traffic coming to our site.

No personally-identifiable information from the users of the site is captured and the process is intended to restrict checking to items such as browser type, screen resolution and time of visit along with the pages of our site which were visited.

We collect these data to help improve user experience whilst visiting our site.

By continuing to use our website, you hereby give consent for Conniston Care Limited to continue to use and store cookies on your computer for reasons outlined above.
If you do not agree to this, please change your cookie settings within your web browser to disallow cookies.

Right to make a complaint

If you have any issues with our processing of your personal data and would like to make a complaint, you may contact our Data Protection Officer or the Information Commissioner's Office on 0303 123 1113.