Privacy policy

This Privacy Policy outlines how Primrose Homecare Services Ltd collects, uses, and protects your personal information in accordance with the General Data Protection Regulation (GDPR) and relevant Welsh social care legislation.

1. Data Collection and Purpose We collect personal data to provide tailored domiciliary care and to meet our legal obligations as a registered provider with Care Inspectorate Wales (CIW). This includes:

• Personal Identification: Names, addresses, and contact details for service users and their representatives.

• Health and Care Data: Detailed assessments of health, personal care requirements, and emotional or social needs to create a personalised care plan.

• Professional Feedback: We may collect testimonials or feedback from families and health professionals to improve our services.

2. Principles of Processing In line with GDPR, your data is processed lawfully, fairly, and transparently. We ensure data is:

• Adequate, relevant, and limited to what is necessary for care provision.

• Accurate and kept up to date.

• Kept in a secure form for no longer than is necessary.

3. Confidentiality and Disclosure All information shared with us is strictly confidential. Disclosure to third parties (such as local authorities or health professionals) occurs only with your permission, except in exceptional circumstances where our duty of care or safeguarding obligations precede confidentiality.

4. Data Security We maintain robust foundations for data security through our partnership with Citation and our ISO certifications. Records are kept in secure locations, and staff are trained in GDPR compliance.

5. Your Rights Service users have the right to access their care records, request corrections to inaccurate data, and receive copies of quality monitoring reports upon request.