Data Protection Policy

Integrity Domiciliary Care Services (IDCS) Limited
Effective Date: August 2025

1. Introduction

Integrity Domiciliary Care Services (IDCS) Limited is committed to safeguarding the privacy and personal data of all individuals we engage with, including clients, staff, care professionals, and partners. This policy outlines our approach to ensuring compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Purpose

The purpose of this policy is to ensure that IDCS:

• Processes personal data lawfully, fairly, and transparently

• Collects personal data for specified, explicit, and legitimate purposes

• Ensures data is accurate, relevant, and up to date

• Stores data securely and retains it only for as long as necessary

• Respects the rights of individuals about their data

3. Scope

This policy applies to:

• All employees, care professionals, contractors, and volunteers of IDCS

• All personal data processed by IDCS in any format (digital or paper)

• Any third parties with whom IDCS shares personal data

4. Legal Basis for Processing

We process personal data under one or more of the following lawful bases:

• The data subject has given consent

• Processing is necessary for the performance of a contract

• Processing is required for compliance with a legal obligation

• Processing is necessary to protect vital interests

• Processing is carried out in the public interest or exercise of official authority

• Processing is necessary for legitimate interests pursued by IDCS

5. Types of Personal Data Collected

IDCS may collect and process the following types of personal data:

• Contact details (name, address, email, phone number)

• Identification documents

• Employment and training history

• Health information (where relevant for care provision)

• DBS checks and safeguarding records

• Payroll and bank account details

• Service user care plans and assessments

6. Data Subject Rights

Individuals have the following rights under the UK GDPR:

• The right to be informed

• The right of access

• The right to rectification

• The right to erasure

• The right to restrict processing

• The right to data portability

• The right to object

• Rights about automated decision-making and profiling

Requests to exercise any of these rights should be made in writing to our Data Protection Officer (details below).

7. Data Sharing and Third Parties

Personal data may be shared with third parties such as:

• Regulatory bodies (e.g. CQC, HMRC)

• Payroll and accounting providers

• IT and software providers

• Social services and care commissioners

• Other healthcare providers were relevant to service provision

All third-party processors are contractually obliged to comply with data protection regulations and maintain appropriate safeguards.

8. Data Security Measures

We have implemented suitable technical and organisational measures to protect personal data, including:

• Password-protected systems and secure user access

• Encrypted communications and data storage

• Physical security controls for files and equipment

• Regular staff training on data protection responsibilities

9. Data Retention

IDCS retains personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal, regulatory, and contractual obligations. After that, data will be securely destroyed or anonymised.

10. Data Breaches

In the event of a data breach, IDCS will follow its incident response plan. Serious breaches will be reported to the Information Commissioner’s Office (ICO) within 72 hours and, where applicable, affected individuals will be notified.

11. Roles and Responsibilities

• Directors and Managers are responsible for implementing this policy and ensuring compliance within their departments.

• All Staff and Carers are responsible for understanding their data protection obligations and reporting any concerns.

• Data Protection Officer (DPO) oversees compliance and handles data requests and breaches.

Contact for Data Protection Matters:
Integrity Domiciliary Care Services (IDCS) Limited
Address: Ability House, 121 Brooker Road, Waltham Abbey, EN9 1JH, United Kingdom
Email: info@integritycareservice.com
Telephone: +44 208 145 3355

12. Review and Approval

This policy will be reviewed annually or when changes in legislation require updates.

Approved by: Sarah Santeng
Position: Chief Executive Director
Date: August 2025