HowDidWeDo?

GENERAL DATA PROTECTION REGULATIONS

PRIVACY NOTICE

What is a Privacy Notice?

A Privacy Notice is a statement by the Company to service users, visitors, the public and staff that describes how we collect, use, retain and disclose the personal information which we hold. It is sometimes also referred to as a Privacy Statement, Fair Processing Statement or Privacy Policy. This Privacy Notice is part of our commitment to ensure that we process personal information/data fairly and lawfully. It is also one of the ways in which we can demonstrate our commitment to our values of Continuous Improvement, Ethical Practice, Reliability and Effectiveness, Responsibility, Expertise and Excellence.

Why we collect information

We recognise the importance of protecting personal and confidential information in all that we do and take care to meet our legal and regulatory duties.

We may ask for or hold personal confidential information to be able to comply with regulations and best practice for employment.

Who are the individuals for whom we collect and use confidential information?

There is one main group of individuals for whom we collect and manage confidential information;

Our clients
Our employees

There may also be times when we are asked to share basic information about employees such as their name and parts of their address, which does not include sensitive information; this may be at times such as during the national census or data collection for the Office of National Statistics.

What information do we use for those who are clients?

The records we hold may include:

Name, email address.

How we use information about clients and who will it be shared with?

We use information about clients to:

Allow us to contact them about HowDidWeDo? related issues or updates.
Allow clients to login to the HowDidWeDo? system, and be sent automated emails such as feedback alerts or password reset links.

What information do we use for those who are employees?

We may ask for, or hold, personal and confidential information to be able to evidence compliance with regulations and best practice for employment. This is to ensure we can correctly identify each employee. We also need to keep proper records of each employee’s performance during their period of employment.

The records we hold may include:

Name, date of birth and contact details.
Photographic proof of identity – e.g. passport, identity card or driving license.
Proof of eligibility to work in the UK.
National Insurance number.
Bank details.
Any criminal record or additions to the barred list for working with vulnerable adults/children.
Employment history and reasons for leaving.
Qualifications and training relevant to the post being applied for.
Medical conditions or disabilities that may affect a person’s ability to work.
Records of performance management and any sickness or disciplinary matters.
Information from organisations associated with paying wages, pensions or company benefits.

Information we hold may also include personal sensitive information such as sexuality, race, your religion or beliefs, and whether the employee has a disability, allergies or health conditions.

How we use information about employees and who will it be shared with?

We use information about employees to:

Evidence the correct checks have been undertaken during recruitment, and that staff are supported and trained.
Ensure staff are paid.
Ensure contributions and information to government and company benefits or schemes are made.
Help inform decisions about effective management of the staff team.
Participate in research and audit.
Prepare statistics on our performance for commissioners and inspectors.

We will sometimes need to share information about employees with other organisations. We may share information with a range of government or company agencies such as:

HMRC.
Pension provider.
Payroll provider.
Company health benefit provider.
Government agencies or regulators where there are concerns about the safety of vulnerable adults.

How information is retained and kept safe?

Information is retained in secure electronic and paper records and access is restricted to only those who need to know.

It is important that information is kept safe and secure, to protect confidentiality. There are a number of ways in which privacy is shielded; by removing identifying information, using an independent review process, adhering to strict contractual conditions and ensuring strict sharing or processing agreements are in place.

The Data Protection Act 1998 regulates the processing of personal information. Strict principles govern our use of information and our duty to ensure it is kept safe and secure.

We are registered with the Information Commissioners Office (ICO) as an organisation that holds and processes information which is sensitive and personal.

The registration number can be found on the ‘Search the Register’ part of the ICO webpage https://ico.org.uk/esdwebpages/search.

How do we keep information confidential?

Technology allows us to protect information in a number of ways, in the main by restricting access. Our guiding principle is that we hold information in strict confidence.

Everyone working for us is subject to the Common Law Duty of Confidentiality and the Data Protection Act 1998. Information provided in confidence will only be used for the purposes for which consent has been sought, unless there are other circumstances covered by the law.

As part of their terms of employment, all staff are required to protect information, tell people how their information will be used and allow them to decide if and how their information can be shared, except where there is a legal obligation to share information. In these circumstances this will be noted in the records for the person concerned.

All of our staff are required to undertake regular training in data protection, confidentiality, IT/cyber security, with additional training for specialist staff, such as records, data protection officers and IT staff.

Your right to withdraw consent for us to share your personal information

Individuals have the right to refuse/withdraw consent to information sharing at any time. We will fully explain the possible consequences, and any legal obligations we have to share information where we cannot comply with a request not share information.

Contacting us about your information

We have a senior person responsible for protecting the confidentiality of information and enabling appropriate sharing. The Data Protection Officer has responsibility for advising the Company about the protection of general personally identifiable information. The contact details for the Data Protection Officer can be found in the Contact Us details below.

Contact Us

If you have any questions or concerns regarding the information we hold, or the use of personal and confidential information or would like to discuss further, please contact the Information Governance Team.

Information Governance Team

Drakes Court

302 Alcester Road

Wythall

Birmingham

B47 6JR

Email: information.governance@hcsolutions.co.uk

Phone: 01564 820140

Can I access my information?

Under the Data Protection Act 1998 a person may request access to information (with some exemptions) that is held about them by an organisation. For more information on how to access the information we hold about you please speak to your line manager or a member of the Information Governance Team at Head Office.

We try to meet the highest standards when collecting and using personal information. We encourage people to bring concerns to our attention and we take any complaints we receive very seriously. You can submit a complaint through the Company’s Complaints Procedure, details of which are on display in the home or are available on our web site, or you can write to:

The Complaints Department

Information Governance Department

Drakes Court

302 Alcester Road

Wythall

Birmingham

B47 6JR

If you remain dissatisfied with the Company’s decision regarding your complaint, you may wish to contact:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

0303 123 1113

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The cookie is set by Google Analytics to distinguish users. We use Google Analytics to help us understand how our customers use our website across multiple devices using information collected via cookies, web beacons and other storage technologies. For instance, the pages visitors go to most often, or if they are met with error messages from web pages. This helps us to improve the user experience of our website. In addition, we can see how our customers have reached our website through marketing activity. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
_gid	24 hours	The cookie is set by Google Analytics to distinguish users. We use Google Analytics to help us understand how our customers use our website across multiple devices using information collected via cookies, web beacons and other storage technologies. For instance, the pages visitors go to most often, or if they are met with error messages from web pages. This helps us to improve the user experience of our website. In addition, we can see how our customers have reached our website through marketing activity. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Privacy Notice

Get in touch to see how we could help you

Get in touch