Introduction: At Community 360, we are committed to protecting the privacy and personal data of the individuals who use our services. This Privacy Policy outlines how we collect, use, and protect the information of our residents, in compliance with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).

By using our services, you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect personal and sensitive information to ensure we provide safe and effective care. The types of data we may collect include:

• Personal Details: Full name, date of birth, gender, and contact details (e.g., phone number, email, address).
• Medical Information: Details of diagnoses, prescribed medications, medical history, mental health care needs, and any other relevant health-related information.
• Emergency Contact Information: Details of family members or guardians, including contact details.
• Support Plans & Assessments: Care plans, risk assessments, and records of interactions to track care and progress.
• Financial Information: For residents who receive financial support, we may collect details of benefits or payment arrangements.
• Consent Records: Signed agreements for care and consent for data collection where applicable.

2. How We Use Your Information

We use your personal information for the following purposes:

• Provision of Care: To ensure appropriate, safe, and effective care is provided.
• Health & Safety: To manage any risks, emergencies, or special care needs.
• Communication: To keep in touch with residents and their families regarding care, services, or updates.
• Legal Obligations: To comply with legal and regulatory requirements, including safeguarding.
• Personalized Services: To tailor our services to meet each resident’s unique needs.
• Internal Auditing & Monitoring: To improve the quality of care, conduct audits, and review resident satisfaction.

3. Lawful Basis for Processing

We process personal data based on the following lawful bases:

• Consent: We will obtain explicit consent for collecting and processing sensitive data such as medical information.
• Legal Obligation: We may need to process data to comply with legal or regulatory requirements, such as safeguarding and health and safety regulations.
• Legitimate Interests: We may process data where necessary for the smooth functioning of our services, including monitoring care plans and internal record-keeping.
• Vital Interests: In emergencies, we may share relevant information to protect the life or well-being of our residents.

4. How We Protect Your Information

We implement strict measures to ensure the security of your data, including:

• Data Encryption: All personal and sensitive data is stored securely, both digitally and in physical records.
• Access Control: Only authorized staff members have access to sensitive information, and access is based on need-to-know criteria.
• Training: All staff receive regular data protection training to ensure compliance with our privacy standards.
• Auditing: Regular audits are conducted to ensure data protection procedures are maintained.

5. Data Sharing & Disclosure

We do not share your personal data with third parties except in the following circumstances:

• Medical Professionals: We may share health-related data with GPs, hospitals, or other healthcare professionals involved in your care.
• Regulatory Bodies: We may disclose information to regulatory authorities or inspectors, such as the Care Quality Commission (CQC), when required.
• Safeguarding: In safeguarding situations, we may share relevant information with social services, the police, or other appropriate bodies.
• Legal Requirements: If required by law, we may disclose information to law enforcement or other governmental agencies.

In all cases, we ensure that third parties comply with data protection laws and maintain strict confidentiality standards.

6. Retention of Information

We retain your personal data for as long as it is necessary to provide you with services and fulfill legal obligations, including record-keeping, regulatory compliance, and safeguarding. After this period, your data will be securely deleted or anonymized in accordance with applicable laws.

7. Your Rights

As a resident or family member, you have rights regarding your personal data:

• Access: You have the right to request access to the personal data we hold about you.
• Correction: You can request corrections to any inaccurate or incomplete personal data.
• Erasure: You have the right to request the deletion of your data in certain circumstances.
• Restriction of Processing: You may ask us to restrict processing of your personal data in certain situations.
• Data Portability: You can request a copy of your data in a structured, commonly used format for transfer to another service provider.
• Right to Object: You may object to the processing of your personal data in certain situations, such as marketing or profiling.
• Right to Withdraw Consent: Where you have provided consent for processing, you have the right to withdraw it at any time.

We collect personal and sensitive information to ensure we provide safe and effective care. The types of data we may collect include:

• Personal Details: Full name, date of birth, gender, and contact details (e.g., phone number, email, address).
• Medical Information: Details of diagnoses, prescribed medications, medical history, mental health care needs, and any other relevant health-related information.
• Emergency Contact Information: Details of family members or guardians, including contact details.
• Support Plans & Assessments: Care plans, risk assessments, and records of interactions to track care and progress.
• Financial Information: For residents who receive financial support, we may collect details of benefits or payment arrangements.
• Consent Records: Signed agreements for care and consent for data collection where applicable.

2. How We Use Your Information

We use your personal information for the following purposes:

• Provision of Care: To ensure appropriate, safe, and effective care is provided.
• Health & Safety: To manage any risks, emergencies, or special care needs.
• Communication: To keep in touch with residents and their families regarding care, services, or updates.
• Legal Obligations: To comply with legal and regulatory requirements, including safeguarding.
• Personalized Services: To tailor our services to meet each resident’s unique needs.
• Internal Auditing & Monitoring: To improve the quality of care, conduct audits, and review resident satisfaction.

3. Lawful Basis for Processing

We process personal data based on the following lawful bases:

• Consent: We will obtain explicit consent for collecting and processing sensitive data such as medical information.
• Legal Obligation: We may need to process data to comply with legal or regulatory requirements, such as safeguarding and health and safety regulations.
• Legitimate Interests: We may process data where necessary for the smooth functioning of our services, including monitoring care plans and internal record-keeping.
• Vital Interests: In emergencies, we may share relevant information to protect the life or well-being of our residents.

4. How We Protect Your Information

We implement strict measures to ensure the security of your data, including:

• Data Encryption: All personal and sensitive data is stored securely, both digitally and in physical records.
• Access Control: Only authorized staff members have access to sensitive information, and access is based on need-to-know criteria.
• Training: All staff receive regular data protection training to ensure compliance with our privacy standards.
• Auditing: Regular audits are conducted to ensure data protection procedures are maintained.

5. Data Sharing & Disclosure

We do not share your personal data with third parties except in the following circumstances:

• Medical Professionals: We may share health-related data with GPs, hospitals, or other healthcare professionals involved in your care.
• Regulatory Bodies: We may disclose information to regulatory authorities or inspectors, such as the Care Quality Commission (CQC), when required.
• Safeguarding: In safeguarding situations, we may share relevant information with social services, the police, or other appropriate bodies.
• Legal Requirements: If required by law, we may disclose information to law enforcement or other governmental agencies.

6. Retention of Information

We retain your personal data for as long as it is necessary to provide you with services and fulfill legal obligations, including record-keeping, regulatory compliance, and safeguarding. After this period, your data will be securely deleted or anonymized in accordance with applicable laws.

7. Your Rights

As a resident or family member, you have rights regarding your personal data:

• Access: You have the right to request access to the personal data we hold about you.
• Correction: You can request corrections to any inaccurate or incomplete personal data.
• Erasure: You have the right to request the deletion of your data in certain circumstances.
• Restriction of Processing: You may ask us to restrict processing of your personal data in certain situations.
• Data Portability: You can request a copy of your data in a structured, commonly used format for transfer to another service provider.
• Right to Object: You may object to the processing of your personal data in certain situations, such as marketing or profiling.
• Right to Withdraw Consent: Where you have provided consent for processing, you have the right to withdraw it at any time.