Privacy Policy

Privacy Policy

Last updated: 09 October 2025

1. Who We Are

Anytime Home Care Ltd is a CQC-registered domiciliary care provider based in Dudley, West Midlands, UK.
We are dedicated to protecting the privacy, confidentiality, and trust of everyone whose personal information we handle — including clients, their families, employees, job applicants, and professional partners.

Registered Office: 173 Wolverhampton Street, Dudley, DY1 3AD, United Kingdom
Data Controller: Anytime Home Care Ltd

2. The Information We Collect

We only collect and process personal data necessary to deliver safe, high-quality care and manage our operations effectively.

This may include:

  • Client contact details, care and health information, and next-of-kin details

  • Care plans, risk assessments, and daily visit records

  • Employee data such as contact details, DBS checks, training, and payroll information

  • Supplier and business partner details for communication and invoicing

  • Enquiries submitted via our website contact forms

We never collect more data than necessary and always handle information lawfully, fairly, and transparently.

3. How We Use Personal Data

We use personal data to:

  • Deliver safe, person-centred home care in line with individual care plans

  • Meet contractual and legal obligations under the Care Act 2014 and Health and Social Care Act 2008

  • Fulfil CQC regulatory requirements, training, and safeguarding duties

  • Communicate with clients, families, and healthcare professionals

  • Manage payroll, HR, and financial operations securely

4. Legal Basis for Processing

Under the UK GDPR (Article 6), we process personal data under the following lawful bases:

  • Contract: To deliver agreed care and support services

  • Legal Obligation: To comply with health, safety, employment, and safeguarding laws

  • Vital Interests: To protect life or prevent serious harm

  • Consent: For optional purposes such as sharing testimonials or photographs (recorded and can be withdrawn)

  • Legitimate Interests: For quality monitoring and service improvement

For special category data (e.g., health information), processing is based on:

  • Provision of health and social care

  • Substantial public interest (including safeguarding)

5. How We Keep Your Data Safe

We apply strict security measures to protect personal information, including:

  • Encrypted and password-protected digital systems

  • Paper records stored in locked cabinets, accessible only to authorised staff

  • Secure email and data transfer procedures

  • Role-based access controls and monitoring logs

  • Regular staff GDPR and confidentiality training

  • Annual data audits and tested breach response plans

6. Sharing of Information

We only share personal data where necessary, lawful, and proportionate. This may include sharing with:

  • Local authorities, NHS professionals, and CQC inspectors involved in care delivery or regulation

  • Payroll, HR, or IT processors under confidentiality agreements

  • Law enforcement or safeguarding authorities when legally required

We will never sell or trade personal information to any third party.

7. Data Retention

We keep personal data only as long as necessary, following our Data Retention and Destruction Policy and CQC guidance.

Typical retention periods:

  • Care records: 8 years after care ends

  • Staff records: 6 years after employment ends

  • Financial records: 6 years (HMRC requirement)

After these periods, all data is securely destroyed or anonymised.

8. Your Rights Under UK GDPR

You have the right to:

  • Access the personal data we hold about you (Subject Access Request)

  • Request correction or deletion of inaccurate information

  • Restrict or object to certain types of processing

  • Withdraw consent (where applicable)

  • Request transfer of your data (data portability)

Requests can be made in writing to info@anytimehomecare.co.uk, and we will respond within one calendar month.

9. Data Transfers

We do not transfer personal data outside the United Kingdom.
If this ever becomes necessary, we will implement appropriate safeguards, such as UK Standard Contractual Clauses.

10. Data Breaches

In the unlikely event of a data breach, we will:

  • Contain and investigate the incident immediately

  • Notify any affected individuals, where appropriate

  • Report the breach to the Information Commissioner’s Office (ICO) within 72 hours, if required by law

11. Complaints

If you have any concerns about how we handle your personal information, please contact us first at info@anytimehomecare.co.uk.
If you remain unsatisfied, you can contact:

Information Commissioner’s Office (ICO)
Website: https://ico.org.uk
Helpline: 0303 123 1113

12. Updates to This Policy

We review and update this Privacy Policy regularly to ensure it remains compliant with UK data protection legislation and CQC standards.
Any updates will appear on this page with a revised “Last Updated” date.