Data Privacy Notice
Data Privacy Notice
Meadows Psychology Service (MPS) is a limited company registered in England with a company number of 14706434. We are a sister company to Meadows Care Ltd whose company number is 05087886. For both companies, the registered office is at Egerton House, Wardle Road, Wardle, OL12 9EN.
We are registered with the Information Commissioner’s Office (ICO), the UK data-protection regulator, our registration number is Z1652894. Meadows Care will be the ‘data controller’ for the purposes of the data-protection laws in relation to any personal information we hold about you.
We are fully committed to employee confidentiality and protecting your personal information. We have appointed a member of Meadows Care and MPS as our Information Officer and representative for data-protection matters.
As technology develops and as our private information could be used and shared, people were becoming increasingly worried about security-this was why GDPR was brought in. The purpose of GDPR is to provide a set of standardised data protection laws to make sure that your data (i.e. Information about you) is as safe as possible.
This document sets out how Meadows Care and MPS comply with these laws and will explain how we use your personal data and the types of data that we may share or process. It also explains your privacy rights and how we will be careful and fair in how we treat your personal information and ‘data’.
The types of personal ‘data’ that we collect, process, hold and share include:
- Personal information (such as name, employee number, email address, home address, next of kin and contact number)
- Special categories of data including characteristics information (such as gender, age and ethnic group)
- Contract information (such as start dates, hours worked, post, roles and salary information)
- HR information (such as absence record, appraisal, supervision records, performance indicators, training, qualifications, disciplinary record and pre-employment checks)
- Finance information (such as national insurance, bank details and salary).
Why we collect and use this data
- To monitor and manage employment under policies and procedures
- To enable the development of a comprehensive picture of the workforce and how it is deployed
- To inform the development of recruitment and retention policies
- To enable our regulators (Ofsted) to understand and to regulate our services in the interests of the young people
- To enable individuals to be paid appropriately
- For legal requirements and insurance purposes.
If none of these reasons apply, we may ask for your specific permission.
Storing this information
We will never retain your personal data for any longer than is necessary and we hold the different types of ‘data’ in accordance with the legislation we are regulated by. For example, some finance information is held for 3 years, whereas key HR information will be held for 50 years. For further details on this please email GDPR@meadowscare.co.uk or write to HR at Head Office using the address below.
Who we may share this information with:
- Health Shield / Pension / Company incentives / Insurance companies
- Training partners
- Sage (payroll)
- HR Advisors
- Reg 44 Visitors
In exceptional circumstances, we may need to share your personal information with:
- Local Authorities
- When the information concerns risk of harm to the client, or risk of harm to another adult or a child. We will discuss such a proposed disclosure with you unless we believe that to do so could increase the level of risk to you or to someone else
Whenever possible, we will only share your personal information with them on a confidential basis.
What we will NOT do with your personal information
We will not share your personal information with third-parties for marketing purposes
How we ensure the security of personal information
- We control who has access to personal information
- We have a secure system within Meadows Care and the wider partners used ensuring they are all GDPR compliant.
- Personal information is also stored on a secure server owned by Meadows Care. In addition, Malware and antivirus protection is installed on all computing devices.
Your right to access the personal information we hold about you
- You have a right to access the information we hold about you. To make a request for your personal information please email GDPR@meadowscare.co.uk or write to HR at Head Office using the address below
- If possible, we will usually share this with you within 30 days of receiving a request
- There may be an administration fee for supplying the information to you
- We may request further evidence from you to check your identity
- A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy)
- You have a right to get your personal information corrected if it is inaccurate
To help us process your request quickly and efficiently, please provide as much detail as possible about the personal data you are requesting access to. Please include time frames, dates, names, types of documents, file numbers, or any other information to help us locate your personal data.
We will contact you for additional information if the scope of your request is unclear or does not provide sufficient information for us to conduct a search (for example, if you request “all information about me”). We will begin processing your access request as soon as we have verified your identity and have all of the information we need to locate your personal data.
If the information you request reveals personal data about a third party, we will either seek that individual’s consent before responding to your request, or we will redact third parties’ personal data before responding. If we are unable to provide you with access to your personal data because disclosure would violate the rights and freedoms of third parties, we will notify you of this decision.
Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or made your personal data anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
How to complain
- You can complain to a regulator. If you think we haven’t complied with the data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office at https://ico.org.uk/concerns/.
If you would like to discuss anything further please contact the GDPR officer Jonathan Rigg on GDPR@meadowscare.co.uk or write to Head Office using the address below.