Introduction

This privacy notice applies to information about Care Link customers and we ask that you read it carefully as it contains important information on who we are, how and why we collect, store, use and share your personal information. It also contains information about your rights in relation to it and how to contact us or the Information Commissioner’s Office if you have a concern or complaint.

We will avoid jargon but please note that ‘personal information’ is information about you from which you can be identified whether directly or indirectly.

This notice tells you:

  • who we are;
  • what the information is;
  • what we are doing, or might do with it and why;
  • who we might share it with and why;
  • the lawful basis for processing in each case;
  • how long we will retain it;
  • how we will keep it safe; and
  • what your rights are.

Who we are

Care Link is part of Wakefield and District Housing (WDH), a registered charitable Community Benefit Society that provides social housing and support. WDH are the Data Controller of personal information and is registered with the Information Commissioner (ICO reg. no. Z9160379). We are regulated under the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

You can read the main WDH privacy notice here.

Our contact details for data protection purposes are as follows.

Information Governance Team
WDH
Merefield House
Whistler Drive
Castleford
WF10 5HX

Email: [email protected]

The individual responsible for data protection compliance is our Data Protection Officer, who is contactable using the above details.

How we use your information

In the course of our activities, we process your personal information for the following reasons.

  • Assessing your needs and trialling the Care Link service.
  • Providing the Care Link services.
  • Providing associated welfare services, advice and support.
  • Promoting equal opportunities.
  • Keeping you informed of new products and services and to complete customer satisfaction surveys to help monitor performance and improve services.
  • Dealing with complaints and any feedback from you.
  • To comply with legal and regulatory obligations.

We collect most of this information directly from you in person by phone or email and / or through our website. However, we may also collect information from third parties such as health and social welfare agencies, the police and enquiries that are received from councillors, MPs or someone acting on your behalf.

What information we collect

To provide the Care Link services and fulfil the contract we have with you, we will collect the following information.

  • Name.
  • Address.
  • Contact information including email address and phone number for each person living in the property.
  • Doctor’s name and practice address.
  • Name, address and phone number of any next of kin and contacts you may have.
  • Date of birth.
  • Photographic ID.
  • Bank details.
  • Benefits / council tax details.
  • Call recordings from our contact centre.
  • Your correspondence and communications with us.
  • Alarm activations triggered by you or your actions.

When you provide information about household members, we assume that you do so with their full knowledge and consent.

We may hold other information about you for specific purposes for the services we provide. If you do not provide the information, we need then we may not be able to provide all our services to you.

Special categories of personal data

Providing the Care Link service requires us to routinely process the health data of customers. We rely on:

  •  GDPR Article 9 2(b),
  • The Data Protection Act (DPA) 2018 Schedule 1, Part 1 (1) (social security and social protection) 
  • The Provision and Management of Health and Social Care (GDPR Article 9 2(h)),
  • The DPA 2018 Schedule 1, Part 1 (2) (health and social care purposes).

We also collect faith, race and sexual orientation data to monitor equality, diversity and inclusion to help ensure our services are delivered fairly. The lawful basis we rely on to process this information is Consent and The DPA 2018, Schedule 1, Part 2 (8) (Equality of opportunity and treatment). 

The DPA 2018 requires us to have an Appropriate Policy Document (‘APD’) for certain conditions of processing special category data. Our APD sets out and explains our procedures for securing compliance with the principles of GDPR and policies regarding the retention and erasure of such personal data.

We are committed to keeping your personal details up to date, and we encourage you to inform us about any changes needed to make sure your details are accurate.

Promotional communications

We may use your personal information to send you updates (by email, text message, phone or post) about our products and / or services and those from selected third parties.

We have a legitimate interest in processing your personal information for promotional purposes to promote our business to existing and former customers. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this separately and clearly.

We will always treat your personal information with the utmost respect and never sell it to other organisations outside Care Link for marketing purposes

You have the right to opt out of receiving promotional communications at any time by emailing [email protected] or using the ‘unsubscribe’ link in emails or the ‘STOP’ number in texts.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and / or services in the future or if there are changes in the law, regulation, or the structure of our business.

Your personal information

We are committed to making sure that your privacy is protected. Any information you provide will be held securely and in line with the GDPR and the Data Protection Act 2018.

We will share personal information where required with:

Data Processors

To provide services such as customer management platforms, online services and cloud storage we use Data Processors that we have a written agreement with. All Data Processors are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our Data Processors to 
use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in line with our instructions.

Other Data Controllers:

  • Local authority teams such as social services, benefits agencies and council tax.
  • Credit reference agencies.
  • Our insurers and brokers.
  • Relevant statutory agencies such as Department for Work and Pensions and HMRC.
  • To comply with a legal requirement.

How long we retain your personal data

How long we keep your personal data depends on the type of data and what it is used for. We have set retention periods, listed in our Records Retention Schedule.

Automated Decision Making

Your personal data is not used in any automated decision making (a decision made solely by automated means without any human involvement) or profiling (automated processing of personal data to evaluate certain conditions about an individual).

We employ profiling technologies for statistical analyses of our tenants and properties which are used to manage our properties and run our business. While the analyses from profiling are automatically produced, the results are reviewed by a human and actions are determined by a human.

Your Data Protection rights, including your right to complain

Please read about your data protection rights on our privacy page.

Transferring your personal information out of the UK

To deliver services to you it may be necessary for us to share your personal information outside the UK, for example if we were to use a cloud service provider based outside the UK. These transfers are subject to rules under UK data protection law. In such a situation, we will make sure that we have adequate safeguards and security measures in place as required by the UK GDPR.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner 
and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Visitors to our website

We take a proactive approach to user privacy and ensure that appropriate steps are taken to protect the privacy of users of our website.

For further details please see our Cookies Policy.

Changes to this privacy notice

We may change this privacy notice from time to time, when we do we will inform you by an update on our website at www.wdh.co.uk/CareLink.

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us, please email [email protected] or write to our Information Governance team, WDH, Merefield House, Whistler Drive, Castleford, WF10 5HX or call us on 0345 8 507 507.

Do you need extra help?

We are committed to giving everyone equal access to information. If you would like this information in another format please phone us on 0345 8 507 507.