Employee Privacy Notice
We ask that you read this privacy notice carefully as it contains important information on who we are and how we collect, use, store and share personal information. It outlines your rights and how to contact us and other relevant organisations in the event you have a complaint.
Quickly access information on Your rights here.
Who we are
We are Midshires Care Limited trading as Helping Hands (Home Care), registered number 3959933, registered address 10 Tything Road, Kinwarton, Warwickshire B49 6EP.
As a ‘data controller’, we are responsible for how we process your information in the UK. The UK General Data Protection Regulation (UK GDPR) sits alongside an amended version of the Data Protection Act (DPA) 2018 and applies to most UK businesses and organisations. We must comply with this data protection regime with regards to the data protection principles, our obligations and your rights as a UK resident.
All our data processing activities are monitored by our appointed Data Protection Officer to ensure that the information we collect is:
- Used lawfully, fairly and in a transparent way.
- Relevant and for reasons that we have told you about.
- Accurate and up to date.
- Kept only for as long as it is needed.
- Kept securely.
You may also be interested in our:
Information we collect from you
In our role as an employer, and because of the nature of our business, we process different categories of data from our employees during and after the employment period. The type of data includes:
Personal data such as your name, contact details, bank details, data of birth, gender, marital status, driving licence number, vehicle registration number, photographs, next of kin contact details, GP contact details.
Financial details such as payroll records benefits, salary, tax status, national insurance number.
Employment data such as recruitment records (including employment history, references, DBS, right to work, etc.), Performance management records (electronic call monitoring, direct observations, appraisals, supervisions, disciplinary, grievance), Training and competency records, Absence records (annual leave, etc.)
We will always ask for consent for any participation on our media platforms including social media and print publications.
We process ‘special category data’ and criminal offence data which tends to be sensitive by nature and will include:
- Religion
- Medical and health information (including sickness details)
- Nationality or ethnicity
- Criminal cautions or convictions
- Motoring convictions
We may process special category data or health data which is classified as test results and vaccination records collected from you or other external sources because of an infection outbreak.
Under UK GDPR, we rely on the following legal basis to collect, use and share this data:
Article 9(2)(b) – legal obligation under employment, social security and social protection
Article 9(2)(g) – Substantial Public Interest:
- Provide contact data to public health authorities or relevant bodies to invite you to have relevant vaccines
- Inform public authorities where confirmed cases of infection would constitute as an outbreak
- Provide health data requested by public authorities performing a specific public task to reduce transmission and severity of an outbreak
In accordance with GDPR, personal data will be shared in a safe and secure way; limited to only what is necessary and appropriate.
Information we collect from other sources
We may request and collect personal data, and information about you from different employment sources, recruitment agencies and individuals. We collect information from our website, social media and Applicant Tracking System (ATS) that you provide as a candidate during our recruitment process.
We record and retain call recording / audio recording / camera images / video footage for the purposes outlined in Helping Hands Call Recording, Information Security (Acceptable Use) and CCTV Policy.
We may process audio recording / camera images / video footage from 3rd parties to investigate disputes and misconduct.
Purpose for collecting and using your personal information
Under the GDPR, we must have a legal basis to process your information for all the activities we carry out. We rely on the following legal basis for processing:
- Article 6(1)(b) – processing is necessary for the performance of our contracts
- Article 6(1)(c) – processing is necessary for us to demonstrate compliance with the law or regulatory frameworks
- Article 6(1)(f) – in pursuit of legitimate interests for:
- Corporate diligence relating to business development, innovation and staff engagement
- Call recording to monitor service quality, training and orientation, establishment of fact in a case of dispute
- CCTV Monitoring on premises and restricted areas of the business
- 3rd party audio recording / camera images / video footage to investigate disputes and misconduct
- Return of company assets and facilities management
When processing special category (sensitive) data such as your health, diversity information or details of any criminal convictions; we do this on the following grounds:
- Article 9(2)(b) – Legal obligations under employment or social benefit law
- Article 9(2)(f) – Establishment, exercise or in the defence of legal claims or in court
- Article 9(2)(h) – Provision of health or social care or management of health or social care systems or services
- Article 9(2)(g) – Substantial public interest
How we use this information and how long we keep it for
We use the information collected to employ and support you during your employment with Helping Hands Homecare. The period of retention commences after employment has ended.
We use your personal information to: | For how long? |
To maintain accurate and up to date personnel records of personal data, employment data, contracts and financial information
To record and manage statutory meetings such as redundancy, disciplinary or grievance proceedings To record and manage mediation and conflict resolution To process and assess special category data and health information where relevant to job role To receive and process records of managed moves, resignations and facilitate exit interviews and leavers workflows |
6 years
*employee record summary kept up to 75th birthday |
To record and process records of absence, annual leave, sick notes, Return to work, DBS checks, MATB1, etc. | 3 years |
To manage training needs by arranging or assessing training, refresher courses and competency assessments
To communicate and record performance management activities (including appraisals, observations and supervisions) |
6 years |
To record and process payroll for employees
To record and process expenses or retirement benefits for employees To monitor and ensure compliance with National Minimum Wage Standards To record and manage Statutory Sick Pay To enrol in pension schemes |
6 years
6 years 3 years 3mths to 6 years 12 years |
To receive, record and process insurance claims
To respond and process post, penalties and sanctions |
|
To manage electronic call monitoring and generate reports
To provide access privileges on systems applications and company equipment acquisitions To create employee profiles and manage work placements including travel arrangements and accommodation when required To manage car parking and allocate spaces To recover company assets and intellectual property during and occasionally after a period of employment To communicate, exchange and record communications as part of the responsibilities of the job role and job description To issue and renew ID badges and security fobs |
For as long as required |
To comply with Investigations and regulatory compliance
To monitor, review and support internal and external audit processes relating to the service provision in line with data sharing agreements and confidentiality clauses To process and record notifications, accidents and incidents internally and with the appropriate external regulators (including RIDDOR, CQC, CIW) To investigate, manage and record concerns, safeguarding and complaints |
Up to 10 years |
To report business and trend analysis
To monitor and report on business performance and compliance To conduct and participate in employee surveys, review or feedback To participate in employer schemes and other work-related activities and communications |
|
To maintain active accounts on the Applicant Tracking System (ATS)
To communicate internal job opportunities* To respond to requests relating to your individual rights *To opt out, you can delete your account or use the unsubscribe option available in all email marketing communication |
|
Record telephone calls to and from the company telephony system only | 10 months |
Review of audio recording / camera images / video footage if disclosed to us by a third party to investigate disputes and misconduct | 6 years |
Electronic call monitoring
Employees data is processed to enable the utilisation of GPS or location tracking through electronic call monitoring systems to work with company systems, software and networks. The purpose and responsibilities for this data processing is made known to all relevant employees.
Sharing your information with others
To operate our business and recruitment process, we have contracts in place with third party service providers to access and maintain a duty of care over your personal information. These include:
- IT and telecoms support – to ensure secure operation of our IT infrastructure.
- Software support – to provide technical support and resolve issues.
- Communication and logistics– such as Royal Mail and network providers.
- Regulatory authorities – such as Her Majesty Revenue & Customs (HMRC), the Financial Services Authority (FSA), Care Quality Commission (CQC) and Care Inspectorate Wales (CIW).
- Hospitality Service providers – such as fleet vehicle management, bookings and training.
- Insurance providers.
- Pension providers.
- External security providers (CCTV monitoring).
- Archiving Service Providers.
We will share relevant information within Helping Hands Homecare during and after your employment where this is necessary, and in line with our purpose for processing.
We may share your data to communicate with you during and after your employment.
Due to the nature of our business and the service we provide we may share minimal personal data with our customers to enable the safe and effective delivery of care, for example by sharing carer profiles with customers.
We will not sell or trade your personal information with any other third party for marketing purposes without your consent and we will not share your information outside the scope of our processing unless there is a legal reason.
Data transfers and storage
Helping Hands transfers and stores data under contractual agreements with data processors in the UK. Data transfers and storage may also occur in the European Economic Area (EEA) and other countries. These are known as Restricted Data Transfers.
Restricted data transfers
Under the UK GDPR, restricted data transfers from the UK to the EEA and other countries covered by a European Commission ‘adequacy decision’ are currently permitted subject to review by the UK Government.
At times is it may be necessary to transfer data to countries that do not have an adequacy decision. In these cases, we would only do so having adopted appropriate safeguards as required by the UK GDPR, including completion of a transfer risk assessment (TRA).
Data Security
We have appropriate organisational and technical security measures to protect your personal information and limit who has access. There are also appropriate safeguards in place for data transfers to protect your privacy rights.
We have procedures in place to detect and respond to suspected data security breaches. We may notify you and any relevant authority as part of our data risk management where we are legally obliged to.
Your rights
You have rights over the way we use your information:
- You have the right to be informed about what information we collect and how it is used as outlined in this privacy notice.
- You have the right to ask for access to the information we hold on you. We would usually provide copies free of charge.
- You have the right to ask us to correct or update any information you think is incorrect or incomplete.
- You have the right to object to your information being used and/or withdraw consent.
- You have the right to ask us to stop using your information. This ‘right to be forgotten is only applied where there is no legal reason for us to continue to hold or use it.
- You have the right to object to any automated decision making. This could affect your ability to fully access our services.
- You have the right to ask us to stop using your information for marketing purposes by opting out at any point of the registration process or by updating your preferences once registered. The unsubscribe feature on our emails are actioned immediately but may take up to 14 days to complete.
- You have the right to ask us to transfer certain personal information or a copy of some of your information to you or to another organisation, including service providers, in a format they can use where this is technically possible, known as the ‘right to data portability’.
- You have the right to withdraw any permission you have previously given us to use your information.
For detailed information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the UK General Data Protection Regulation. If you would like to exercise a right, please contact the GDPR team at datarequest@helpinghands.co.uk or see the ‘how to contact us’ section.
How to contact us
If you have any questions about this privacy notice, your rights or wish to contact the Data Protection Officer, get in touch by:
- Email – datarequest@helpinghands.co.uk
- Post – Compliance Department, Helping Hands House, 10 Tything Road West, Kinwarton, Alcester, B49 6EP
- Telephone – 01789 767181
Other information
How to complain
If you contact us, we hope to resolve any query or concern you raise about our use of your information.
The UK GDPR also gives you right to lodge a complaint with a supervisory authority with the Information Commissioner Office (ICO) who are the supervisory body in the UK and can be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice was first published on 21st May 2018, and last updated on 27th March 2025.
We may change this privacy notice and update our website from time to time.
Do you need extra help?
If you would like this privacy notice in another language or format such as audio, large print or braille, please contact us.