Privacy notice

What data do we have?  

For client enquiries, for 1 year, we keep contact details and an overview about the potentially support (name, address, date of birth) as well as an outline about the support needed and relevant health issues – this health and social care data is classified as “special category”.

For clients that we provide care to, more in depth information is held.  These records are deleted 3 years after they finish using the service, unless there is a considered reason to keep some of the records for longer, perhaps a safeguarding concern.

The information we hold covers health, specific support requirements, preferences, and, if it is relevant to providing care, information about the client’s race, ethnic origin, sexual orientation or religion.  Ongoing, our staff record details of the care provided as well as reviews of the care plan.  Clients, and other people they nominate can access this information via our PPOC app.

The financial details needed to pay for our service are recorded… as are the names and details for emergency contacts and others involved in the client’s care.  

For potential staff members, we record name, address contacts details, an outline of experience, reasons seeking to work in care and right to work info.  As they progress through the recruitment process we obtain more information such as full employment history, interview notes, DBS checks etc.  This information is kept for 1 year.

For employees, more information is held, including their bank details so that we can pay them, supervision and training records, emergency contacts, date of birth, NI no.  We also record “special category” data which might include physical and mental health data – we will only collect this if it is necessary for us to know as an employer, e.g. fit notes or in order to claim statutory maternity/paternity pay.  We may also, with permission, record data about race, ethnic origin, sexual orientation or religion.

Why do we have this data? 

By law, we need to have a lawful basis for processing personal data.  In order to provide a safe and professional home care service, Gardiner’s needs to process and retain the data described above.    

  • For clients, we process data because we have a legal obligation to do so – generally, under the Health and Social Care Act 2012 or Mental Capacity Act 2005.  We process special category data because it is necessary for us to provide and manage our care services.
  • For staff, we process data because it is necessary to do so to run our service and we have a legal obligation under UK employment law.

We are required to provide some data to our regulator, the Care Quality Commission (CQC), as part of our public interest obligations.

Where do we process your data?

The data is held initially in the digital form that any enquiry and correspondence was made.  Telephone calls are also recorded in case we need to refer back to them to verify details.  For new client, initial records are on paper forms, which are then migrated on to our secure IT systems.  Largely, this is on our care management system, Plait / PPOC.  Care Workers and Clients (or their permitted family) use their personal mobile phones or other devices to securely access PPOC.  

Your rights

The data that we keep about you is your data.  We ensure that we keep it confidential and that it is used appropriately. 

You have the right to:

  • request a copy of the data we keep about you. Generally, we will not charge for this service;
  • ask us to correct any data we have which you believe to be inaccurate or incomplete.
  • request that we restrict all processing of your data while we consider your rectification request;
  • ask that we erase any of your personal data which is no longer necessary for the purpose we originally collected it for.
  • request that we restrict processing if we no longer require your personal data for the purpose we originally collected it for, but you do not wish for it to be erased.
  • ask for your data to be erased if we have asked for your consent to process your data. You can withdraw consent at any time.

If we are processing your data as part of our legitimate interests as an organisation or in order to complete a task in the public interest, you have the right to object to that processing. We will restrict all processing of this data while we look into your objection.

Any request relating to these rights should be made by telephoning or emailing John-Joe Cottam, our Data Protection lead.  We may need to verify your identity before sharing your data.

If the request is manifestly unfounded or excessive we may either request a reasonable fee to cover our administrative costs or we may refuse to comply with the request, informing the individual why we are not taking action and telling them about their right to complain to the ICO, and to seek a judicial remedy.

We will always respond to your request as soon as possible and usually within one month. If the request is complex, a 1 month extension may be required in which case we will inform the individual in writing detailing the reasons why it is required.  

If you are unhappy about how we have dealt with your request, we ask that you speak to us about the issue.  If you aren’t satisfied, you have the right to complain about how we have dealt with your request.  To do so, please contact the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF – 0303 123 1113.

Data Sharing

Our service forms one element in the range of care and support services that our clients engage.  From time to time we need to share information with other health and social care providers.  When a Service User needs a health service, whether this is from a general practitioner, from a hospital, or from some other health professional, it is vital that the body responsible for the treatment has the fullest possible information. Gardiner’s staff will often have been in a good position to observe the Service User’s needs and symptoms will cooperate as fully as possible in supplying information to responsible health service.

We will seek permission to share informaiton but if unable to obtain consent, a best interest decision will be made, for example we may need to speak with an individual’s GP if concerned about the individual’s health, or the individual’s local Safeguarding team if concerned about abuse.

It is important for staff to consider the type of information and why they need to share it. For example: if we have details of somebody’s medical condition and their GP requests this information so that they can provide care, that’s a good reason to share. 

We may also process your data with your consent.  For example solicitors or insurers who are acting on our cleints behalf.  We will seek your consent, give you a clear choice explaining clearly what we need the data for and how you can withdraw your consent at any time. 

The national data opt-out gives everyone the ability to stop health and social care organisations from sharing their confidential information for research and planning purposes, with some exceptions such as where there is a legal mandate/direction or an overriding public interest for example to help manage the covid-19 pandemic.   Gardiner’s reviews all of our data processing on an annual basis to assess if the national data opt-out applies. At this time, we do not share any data for planning or research purposes for which the national data opt-out would apply. 

How do we share information safely?

Staff receive training on data protection.  With verbal communications, this includes that they must take appropriate precautions not to reveal confidential information e.g. avoid being overheard when making a call, avoid confidential conversations in public places or open offices.

Face- to-face conversations

  • Make sure the person you are talking to has a right to the information they are asking for;
  • Always ask if they would rather have private conversations in a private room;
  • Always be aware of the risk that other people might overhear private conversations and make steps to prevent that from happening.

Telephone Conversations

  • Always confirm that the person is who they say they are;
  • Only provide information that the person has a right to know;
  • Be aware of who else can hear your phone call and make sure other people do not eavesdrop on your confidential call.

Emailing information 

  • Personal confidential information should only be sent via email if it is encrypted.

We will ensure that all confidential information we transfer by post or courier is done so as securely as is practicable. All records transferred in this manner are addressed to a named individual and marked “Private and Confidential”. 

This website

This policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.

We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of this website throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.


Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. 

We may use cookies to remember the personal settings you have chosen on our website. In no other context do we use cookies to collect information that identifies you. Most of the cookies we set are automatically deleted from your computer when you leave our website or shortly afterwards.

We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features. If you log into the website, application or a course as a registered user, your session cookie will also contain your user ID so that we can check which services you are allowed to access.

This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.

Should users wish to deny the use and saving of cookies from this website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.

  • YSC (YouTube Cookie)
  • GPS (YouTube Cookie)
  • VISITOR_INFO1_LIVE (YouTube Cookie)
  • PREF (YouTube Cookie)
  • SERVERID (Care Quality Commission Cookie)
  • _gat (Google Analytics Cookie)
  • _gid (Google Analytics Cookie)
  • _ga (Google Analytics Cookie)
  • fr (Facebook Advertising Cookie)
  • _hjFirstSeen (HotJar tracker)
  • _hjIncludedInSessionSample (HotJar tracker)
  • _hjIncludedInPageviewSample (HotJar tracker)
  • _hjAbsoluteSessionInProgress (HotJar tracker)
  • _hjSessionUser_2872403 (HotJar tracker)
  • _hjSession_2872403 (HotJar tracker)

To check the list of cookes above represents the complete and latest list you can visit

Personal information

Whilst using our website, software applications or services, you may be required to provide personal information (name, address, email, account details, etc.). We will use this information to administer our website, applications, client databases and marketing material. We will ensure that all personal information supplied is held securely in accordance with the Data Protection Act 1998. Further, by providing telephone and email details, you consent to Gardiner’s Homecare Limited contacting you using that method. You have the right at any time to request a copy of the personal information we hold on you. Should you wish to receive a copy of this, or would like to be removed from our database, please contact us at

Contact forms

This website uses contact forms to allow you to submit emails to us. When doing so you will need to accept a checkbox that agrees to use storing your email and information in our email servers.

Information collection and use 

Gardiner’s Homecare Limited collects information in two possible ways:

  1. When you directly give it to us (“Directly Provided Data”) – When you sign up for our site, purchase our products or communicate with us, you may choose to voluntarily give us certain information – for example, by filling in text boxes or completing registration forms.  All this information requires a direct action by you at that time in order for us to receive it.
  2. When you give us permission to obtain from other accounts (“User Authorised Data”) – Depending on your settings or the privacy policies for other online services, you may give us permission to obtain information from your account with those other services. For example, this can be via social media or by choosing to send us your location data when accessing our website from your smartphone. 

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.  These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.


This website uses Google Analytics to provide our analytics and reporting services so we can estimate our traffic and website performance.  This requires two Google Analytics cookies.  You can opt-out of Google Analytics data collection with the Google Analytics Opt-out Browser Add-on.  You may also wish to refer to this website for additional information about disabling cookies from your browser:

Who we share your data with

We do not share or sell your personal data to other organizations for commercial purposes, except to provide the products or services you’ve requested, when we have your permission or if we need to comply with law enforcement authorities.

We share information with only a few third parties that include:

  • Google Analytics – No personal data is shared.
  • Google Search Console – No personal data is shared.
  • Google Adwords – No personal data is shared.
  • MailChimp – We use MailChimp to provide our email marketing services.
  • Hotjar – To report on how people interact with the website.
  • Facebook – We use Facebook’s advertising platform which involves us exchanging data about our visitors.

We will not share your data with anyone else unless legally obligated to do so.

How long do we keep your data for?

Gardiner’s Homecare Limited will not retain your personal information longer than necessary. We will hold onto the information you provide either while your account is in existence, or as needed to be able to provide the Services to you, or (in the case of any contact you may have with our Customer Care team) for as long as is necessary to provide support-related reporting and trend analysis only.

If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after you have closed your account or it is no longer needed to provide the Services to you.

Registration forms

Gardiner’s Homecare Limited will not sell or rent your personally identifiable information, gathered as a result of filling out the site registration form, to anyone.

Choosing how we use your data

We understand that you trust us with your personal information and we are committed to ensuring you can manage the privacy and security of your personal information yourself.

With respect to the information relating to you that ends up in our possession, and recognising that it is your choice to provide us with your personally identifiable information, we commit to giving you the ability to do all of the following:

  • You can verify the details you have submitted to Gardiner’s Homecare Limited by contacting our customer services team Our security procedures mean that we may request proof of identity before we reveal information, including your e-mail address and possibly your address.
  • You can also contact us by the same method to change, correct, or delete your personal information controlled by Gardiner’s Homecare Limited regarding your profile at any time.  Please note though that, if you have shared any information with others through social media channels, that information may remain visible, even if your account is deleted.
  • You are also free to close your account through our account settings. If you do so, your account will be deactivated. However, we may retain archived copies of your information as required by law or for legitimate business purposes (including to help address fraud and spam).
  • You can always feel free to update us on your details at any point. To do this, please contact us
  • You can unsubscribe from receiving marketing emails from us by clicking the “unsubscribe” link at the bottom of any email. Once you do this, you will no longer receive any emails from us.
  • You can request a readable copy of the personal data we hold on you at any time. To do this, please contact us

Email Newsletter

Gardiner’s sends a weekly email newsletter sharing what we hope will be useful and interesting information to those who choose to subscribe.  The email address of those who do subscribe will only be used so that we can send our newsletter email to them.  We will not pass email addresses to any other party.  People can opt-out of receiving the email newsletters at any time by either clicking the unsubscribe link which appears at the end of every automated email or by contacting Gardiner’s directly.

Please note, we are constantly reviewing how we process and protect data. Therefore, changes to our policy may occur at any time. We will endeavour to publicise any changes.

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Additional information

How we protect your data

We ensure your data is secure at all times and processed over a secure connection. Always look for the padlock in the browser address bar to check if an SSL certificate is installed.  We only load our website over https only avoiding insecure connections.

What data breach procedures we have in place

If there is a data breach we commit to abiding by the GDPR regulations for informing those affected within 72 hours.

What third parties we receive data from

We receive data from Google Analytics that helps us determine the best performing content, times of the day etc, however, we do not collect any personal or private information. Everything is anonymized and gives us a holistic view instead of data on individuals.

Use of External Links

This website may contain links to different websites.  We cannot guarantee the accuracy of the information found at any external sites.  Any information on external websites we link to cannot be considered an endorsement by us.

Policy Changes

We reserve the right to update the privacy policy at any time with or without prior notice.  However, be assured that if the privacy policy changes in the future, we will not use the personal info you submitted to us under this policy in a way that is materially inconsistent with the existing version, without your prior consent.