PRIVACY POLICY

If you have any questions or concerns about our privacy policy, or how we process your data, please contact us.

Data Protection Officer
102 Queslett Road East, Birmingham, B74 2EZ

0121 352 1844 | administration@dmrservices.co.uk

Calls are recorded for training and monitoring purposes.

This privacy policy relates to our service users including young people under our residential care and those who access our services through the community. We may update this policy at any time and we will always make any amended policy available to you through our website as soon as reasonably practical. It is important that you read this policy and understand your rights. We may collect, store and use the following information about you:

• Personal contact details such as your name, title, address, telephone numbers and personal email addresses or other contact preferences
• Your date of birth
• Your marital status and dependants
• Next of kin and any emergency contact details that have been provided to us
• Your national insurance number and your NHS number
• Bank or other payment details
• Identification information contained within your passport, driving licence or other proof of identity and address
• Online identifiers or other social media identifiers
• Information relating to your current status, nationality and residency
• Information relating to your race, ethnicity, religious, philosophical and moral beliefs, sexual life, sexual orientation and any other information that has been provided to us about you
• Information relating to your health including your physical and mental health and any medical conditions you may have.

How we collect your information
We may collect your personal information directly from you or a representative of you including legal professionals and local authorities at any time whilst you are in contact with our service. We may collect, store and use your personal information throughout your time in our care. We may also collect information from third parties including local authorities, legal and the NHS or other third party that passes information to us in relation to you.

Why we collect your information
In most cases, we will use your personal information to provide our service to you. In some cases, we may need to use your personal information to protect your or someone else’s interests. DMR Services may share this information within our group, but it will always be done so in accordance with this privacy policy. We may combine this with other information to provide and improve our service.
We will only use your personal information when the law allows us to. We will use your personal information in the following circumstances:

• Where you or a representative have provided us with consent
• Where we need to comply with a legal obligation
• Where it is necessary for legitimate interests and your interests and fundamental rights do not override those interests.
• Where we need to protect your interests or someone else’s interests
• Where it is needed in the public interest or for an official purpose
• The situations in which we may use your personal information will include:
• Providing a service to you
• Facilitating the settlement of any applicable fees (if appropriate)
• Facilitate communications between us and your other care providers
• Help us to develop, operate, deliver and improve the quality of the care we provide
• Sending important notices to you or those acting on your behalf which may include updates to your care or the service that is being provided
• For security and health and safety reasons, which may include the use of our CCTV systems
• Fore internal purposes such as audits, data analysis and research to improve the care and services we offer
• To test our computer systems to improve the care and services we offer, such as the software we use to manage and store your information.
• To provide you with care, intervention or other service
• Safeguarding reasons
• For legal reasons, such as to comply with health and safety obligations or to respond to requests from the Police.

We will not sell, share or give information about you to others for the purpose of marketing.

What happens if you do not share your personal information with us
The personal information we collect about you may be stored either in paper or electronic form. In any cases, we will ensure our processes are appropriate to ensure the security of your information.

How changes in the way we use your information will be managed
We will only use your personal information for the purposes for which we originally collected it for, unless we consider that need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for any other reason, we will update this privacy policy on our website as soon as is reasonably practical. We may at times process your information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Why we may need to share your information with third parties
We will share your personal information with third parties where we are required to do so by law, where it is necessary to provide you with care or any other service, to protect your interests or someone else’s interests, or where we have any other legitimate reason to do so.

What type of third parties process your personal information
Third parties include third party service provides such as our IT software providers, local authorities, law enforcement or other entity of DMR Services. Where we engage third party providers to provide certain services to our business, such as IT software or systems providers, we need to allow them to process personal data as necessary with their tasks. Where this is the case, we require the third party to commit to compliance with the relevant data protection legislation. If our services are commissioned for you by a third party, such as a local authority, we may be required to share some information about you to them.

How we share your information with third parties
We may at times also share your personal information with other third parties as necessary including requests from a regulator or otherwise to comply with the law.

How long will we use your information
We will only retain your information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of any legal, accounting or reporting requirements. Details of retention periods are available on request. To determine the appropriate retention period, we consider the amount, nature, sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your data and whether we can achieve this by another mean, and the applicable legal requirements.

In some cases, we may anonymise your personal information so that it can no longer be associated with you, in which case we may use that information without further notice to you.

How we store your personal data
The personal information we collected is stored in a variety of paper and electronic forms. We have appropriate processes in place to ensure your information is kept secure.

Protection of your information
We have appropriate security measures in place to prevent your personal information from being accidentally lost, used or accessed in any unauthorised way, altered or disclosed. In addition, we limit the access to your personal information to our employees, workers or other third parties who need access it. They will only process your information on our instructions and they are subject to a duty of confidentiality. Details of these measures can be obtained on request. We have in place a number of procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Accuracy of personal information
DMR Services makes it easy for you to keep your personal information accurate, complete and up to date. You can contact us to update your information at any time.

When we may transfer your information overseas
We may transfer your information overseas to other counties within the European Economic Area. There are adequacy regulations in respect of these countries. This means that’s these counties are able to provide adequate levels of protection for your personal information.

We may transfer your information to the United States of America, or other parts of the world outside of the United Kingdom where there has been no adequacy decision. This means that these countries are not deemed to provide adequate protection of your data. We will only transfer your data to these countries in exceptional circumstances that include when a third party supplier, such as an IT software provider can only deliver their services by transferring your data to that country, or in such ways that their It infrastructure is structured in such a way that data can only be stored in those countries. We ensure providers commit to ensuring your data is protected in a manner consistent with UK data protection law.

Access to your personal information
In most circumstances, you are entitled to see what information we hold about you at any time. This privacy policy outlines the information we may hold about you and why. If you wish to access your information, please send a request to adminstration@dmrservices.co.uk. We are not required to process any request for access which is frivolous or vexatious, jeopardizes or otherwise affects the privacy of others, are impractical, or for which access is not otherwise required by law. We will let you know in writing if any of these circumstances apply to your request.

Additional rights
You may also have the right to:

• Object to the processing of your data that is likely to cause, or is causing, damage or distress
• Prevent processing for the purposes of direct marketing
• Object to decisions being taken by automated means
• In some cases, have any inaccurate personal data corrected, blocked, erased or destroyed
• Data portability, where technically available and such information is held electronically