Kirklees Care Association Privacy Policy

Kirklees Care Association takes your privacy extremely seriously. We will always manage your data responsibly and securely.

This policy explains what information we collect and process, the reasons we collect this, how we use it and how you can check and update any of your personal information.

For the purposes of this Privacy Policy, “we” or “KirCA” means Kirklees Care Association.

Our contact details
Name: Kirklees Care Association (KirCA)
Registered Address: Carnegie House, 31 Castleford Road, Normanton WF6 2DP
Website: www.kirkleescareassociation.co.uk
Email address: [email protected]

The type of personal information we collect
We currently collect and process the following information linked to an organisation’s membership of KirCA:

  • Names of KirCA members’ staff who wish to receive information from KirCA.
  • Job titles.
  • Contact details, including emails, work addresses and telephone numbers including mobile phone numbers.
  • The number of beds, employees, or total hours of home care per week that KirCA members have.

We also collect KirCA employee personal information, including:

  • Your name, address, date of birth, National Insurance number and next of kin;
  • Your financial details e.g., details so that we can pay you, insurance, pension and tax details.
  • Your training records

We also record the following employee data which is classified as “special category”:

  • Health and social care data about you, which might include both your physical and mental health data – we will only collect this if it is necessary for us to know as your employer, e.g. fit notes or in order for you to claim statutory maternity/paternity pay;
  • We may also, with your permission, record data about your race, ethnic origin, sexual orientation, or religion.
  • As part of your application, you may – depending on your job role – be required to undergo a Disclosure and Barring Service (DBS) check (Criminal Record Check). We do not keep this data once we’ve seen it.

How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You register to be a Member of KirCA.
  • You make changes to, or close Membership with us.
  • You provide information so that we can send you our bulletins or invite you to events and meetings.
  • You get in touch with us to ask something.
  • You go to our website and raise queries through our contact us functions.
  • You attend any of our networks, training workshops, conferences, and events.
  • You apply for a job with us / become a KirCA employee.

We may also receive personal information indirectly, from the following sources in the following scenarios:

  • Your employer/manager or work colleague provides us with your contact information so that we can provide you with information about our services, activities and relevant opportunities.
  • KirCA’s commercial partners and supporters may provide us with contact details if you are a customer of theirs and they feel you might be interested in our services and activities.

How we use your information
For KirCA members, we use the information that you have given us to keep in touch with you and to supply and improve our benefits and services. We will also use your information to tell you about benefits and services that we think may interest you.
This means using your information to:

  • Manage your Membership.
  • Send you relevant emails, Newsletters and E-Bulletin communications.
  • Arrange payments for our benefits and services.
  • Get in touch with you (e.g., if we need to tell you about any problems related to your Membership).
  • Manage our database and your information kept on our database.
  • Look into any complaints or questions you may raise.
  • Trace and recover debts, and manage any credits owed to us.
  • Tell you if we’ve changed the way a benefit works or tell you about a new benefit that we think may interest you.
  • Check what you’re interested in, so we can offer (and develop) relevant benefits and services.
  • Improve our benefits and services and develop new ones.
  • Send you information about our benefits and services (or those from selected Commercial Partners we think you’d be interested in).

We may share this information with:

  • KirCA Sponsors: KirCA Member organisation names are shared with KirCA Sponsors in order that they can assess eligibility for member discounts and offers. Currently no other information is shared with third parties without written consent.

For KirCA employees, we require this data so that we can contact you, pay you and make sure you receive the training and support you need to perform your job. By law, we need to have a lawful basis for processing your personal data.

We process your data because;

  • We have a legal obligation under UK employment law;

We process your special category data because;

  • It is necessary for us to process requests for sick pay or maternity pay.

If we request your criminal records data it is because we have a legal obligation to do this due to the type of work you do. This is set out in the Data Protection Act 2018 and the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975. We do not keep a record of your criminal records information (if any). We do record that we have checked this.

We may also process your data with your consent. If we need to ask for your permission, we will offer you a clear choice and ask that you confirm to us that you consent. We will also explain clearly to you what we need the data for and how you can withdraw your consent.

Where do we process your data
For KirCA employees, as your employer we need specific data. This is collected from or shared with:
1. You or your legal representative(s);
2. Third parties.
We may do this face to face, via phone, via email, via our website, via post, via application forms, via apps.
Third parties are organisations we have a legal reason to share your data with include:

  • Her Majesty’s Revenue and Customs (HMRC);
  • Our pension and healthcare schemes
  • Our external payroll provider;
  • Organisations we have a legal obligation to share information with
  • The police or other law enforcement agencies if we have to by law or court order.
  • The DBS Service

Lawful basis for processing your information
Under the UK General Data Protection Regulation (UK GDPR), the lawful basis we rely on for processing this information are:

  • We have a contractual obligation.
  • We have a legitimate interest.

We might also share your information:

  • Where we have a legal obligation to do so: To meet requests from a public authority or law enforcement agency (if they ask for it in the prescribed format, or to prevent a crime); to comply with law or regulations, or for possible legal proceedings; if one of our partners who are processing information for us are compelled to do so by law.
  • If there is a vital interest to do so: where we need safeguard or protect you or other people who we reasonably believe to be at risk.

We review all our data processing on an annual basis to assess if the national data opt-out applies. This is recorded in our Record of Processing Activities. All new processing is assessed to see if the national data opt-out applies.
At this time, we do not share any data for planning or research purposes for which the national data opt-out would apply. We review all of the confidential patient information we process on an annual basis to see if this is used for research and planning purposes. If it is, then individuals can decide to stop their information being shared for this purpose. You can find out more information at https://www.nhs.uk/your-nhs-data-matters/.

How we store your personal information
Your information is securely stored. Our systems are secure and password protected.
For member organisations, we keep your personal information that comprises name, job title, email address, telephone numbers including in some cases mobile telephone numbers and work address for the duration of your time as a member of KirCA. For paid employees this is for the time you work for an organisation that is a member of KirCA.
Where you are/ have been a key contact for financial purposes we will hold financial records as per our records retention policy. We will then dispose of your information by deleting records from our database and mailing / email lists. Where paper records are held, we will shred them.
For employees, information is securely stored for the time periods specified in our records retention policy. We will then dispose of the information as confirmed in our record keeping policy.

Your data protection rights

Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. You may need to provide adequate information for our staff to be able to identify you, for example, a passport or driver’s licence. This is to make sure that data is not shared with the wrong person inappropriately. We will always respond to your request as soon as possible and at the latest within one month. Should the request be complex this may be extended to two months, however, we will inform the individual in writing of the extension and the reasons why it is required within one month. Please see our record keeping policy for more details.

Benefit mailing communications

If you do not want us to send you our membership or sponsorship bulletins or relevant social care emails, you can opt-out at any time by replying opt out in the body of the email.

How to check and update your company information

For us to release the information we hold for your company on our database, we will require your request in writing on company letter headed paper, and a signature from Management. This is so that we can verify that we are releasing your company information to the relevant individual/s. Please send this request to:

Data Protection Lead, C/O Kirklees Care Association, Carnegie House, 31 Castleford Road, Normanton WF6 2DP

How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us by emailing: [email protected]
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk