Contact Us

Privacy Policy

Privacy Policy

Last updated: December 2025

1. Introduction

Harmony Care Partners is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website, enquire about our services, or receive care from us.

We are registered with the Information Commissioner’s Office (ICO), registration number [Insert ICO Registration Number], and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are

Company Name: Harmony Care Partners Ltd
Registered Address: Room 42 Unimix House, Abbey Road, London, England, NW10 7TR
Contact Email: info@harmonycarepartners.org.uk
Contact Phone: 000 0000 0000
Data Protection Officer: Silvia Kirk

If you have any questions about this Privacy Policy or how we handle your personal data, please get in touch with us using the details above.

3. What Personal Information We Collect

We collect and process different types of personal information depending on your relationship with us:

3.1 Website Visitors

When you visit our website, we may collect:

  • IP address and browser information
  • Pages visited and time spent on our website
  • Device type and operating system
  • Referring to website addresses
  • Cookie data (see our Cookie Policy for more details)

3.2 Enquiry and Contact Forms

When you complete an enquiry form or contact us through our website, we collect:

  • Full name
  • Email address
  • Telephone number
  • Postcode or address
  • Details of your enquiry or the care needs you’ve described
  • Any other information you choose to provide

3.3 Service Users and Their Representatives

If you or your loved one becomes a client of Harmony Care Partners, we collect:

  • Full name, date of birth, and contact details
  • National Insurance number (where applicable)
  • Next of kin and emergency contact information
  • Medical history, health conditions, and medication details
  • Care needs and preferences
  • Dietary requirements and allergies
  • Mobility information and risk assessments
  • Financial information for billing purposes
  • Communication preferences
  • Photographs (where consent is given)
  • Records of care provided
  • Correspondence and notes about your care

3.4 Special Category Data

In providing care services, we necessarily process special category personal data, including:

  • Health and medical information
  • Information about disabilities
  • Genetic and biometric data (where relevant to care provision)
  • Racial or ethnic origin (to meet cultural and dietary preferences)

4. How We Collect Your Information

We collect personal information through:

  • Direct interactions when you contact us, enquire about services, or receive care
  • Website forms and email correspondence
  • Telephone conversations (which may be recorded for training and quality purposes)
  • Referrals from local authorities, healthcare professionals, or family members
  • Automated technologies, including cookies, when you visit our website
  • Third parties such as healthcare providers, social services, and family members (with appropriate consent)

5. Legal Basis for Processing Your Data

We process your personal data under the following lawful bases:

5.1 Consent

We rely on your explicit consent when:

  • You submit enquiry forms on our website
  • You provide special category data during assessments
  • We process photographs or sensitive information beyond what is necessary for care provision

You have the right to withdraw your consent at any time by contacting us.

5.2 Contractual Necessity

We process your data to fulfil our contract with you, including:

  • Assessing your care needs
  • Providing home care, live-in care, or specialist care services
  • Managing care plans and schedules
  • Billing and payment processing

5.3 Legal Obligations

We process data to comply with legal requirements, including:

  • Health and safety regulations
  • Care Quality Commission (CQC) requirements
  • Safeguarding obligations
  • Employment law
  • Tax and financial reporting

5.4 Legitimate Interests

We may process your data based on legitimate interests, such as:

  • Improving our services and website
  • Preventing fraud and ensuring security
  • Business administration and record-keeping
  • Responding to enquiries efficiently

5.5 Vital Interests

In emergency situations, we may process data to protect someone’s life or physical wellbeing.

5.6 Substantial Public Interest

For care provision, we process health data under Article 9(2)(h) of UK GDPR for:

  • Health or social care purposes
  • Management of health and social care systems
  • Provision of care under the care of a health professional

6. How We Use Your Information

We use your personal information for the following purposes:

6.1 Service Enquiries

  • Responding to your enquiries about our services
  • Providing information about care options
  • Conducting initial assessments
  • Following up on enquiries

6.2 Care Provision

  • Assessing care needs and creating personalised care plans
  • Delivering safe, appropriate, and effective care
  • Coordinating with healthcare professionals and family members
  • Maintaining accurate care records
  • Monitoring and improving care quality
  • Ensuring the health, safety, and wellbeing of service users

6.3 Administration

  • Managing client accounts and billing
  • Processing payments
  • Scheduling care visits
  • Communicating with clients and their representatives
  • Maintaining business records

6.4 Legal and Regulatory Compliance

  • Meeting CQC registration and inspection requirements
  • Safeguarding vulnerable adults
  • Reporting incidents as required by law
  • Responding to legal requests and court orders

6.5 Business Improvement

  • Analysing website usage to improve user experience
  • Gathering feedback to enhance our services
  • Training staff to maintain high standards of care
  • Quality assurance and service development

7. Who We Share Your Information With

We may share your personal information with the following parties, only when necessary and with appropriate safeguards:

7.1 Healthcare Professionals

  • GPs, consultants, and other medical practitioners
  • NHS services and hospitals
  • Pharmacies
  • Occupational therapists and physiotherapists

7.2 Regulatory Bodies

  • Care Quality Commission (CQC)
  • Information Commissioner’s Office (ICO)
  • Local authority safeguarding teams

7.3 Local Authorities

  • Social services departments
  • Commissioning teams (where publicly funded care is provided)

7.4 Service Providers

  • Our care staff (on a need-to-know basis)
  • IT service providers and website hosting companies
  • Payment processors (for secure payment handling)
  • Professional advisers (legal, accounting, insurance)

7.5 Family Members and Representatives

  • Next of kin or designated representatives (as appropriate)
  • Individuals with Lasting Power of Attorney

7.6 Emergency Services

  • Police, fire service, or ambulance services in emergency situations

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

8. International Transfers

Your personal data is stored and processed within the United Kingdom. We do not transfer personal data outside the UK or the European Economic Area (EEA) except where necessary for:

  • Website hosting services (where providers have appropriate safeguards in place)
  • Cloud-based systems that comply with UK data protection standards

Where international transfers are necessary, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the UK Government
  • Standard contractual clauses approved by the ICO
  • Binding corporate rules or certification schemes

9. How Long We Keep Your Information

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations:

  • Enquiry forms and correspondence: Up to 2 years from last contact (unless you become a client)
  • Care records for adults: 8 years from the end of care provision
  • Financial records: 7 years from the end of the financial year
  • Safeguarding records: As required by local safeguarding procedures
  • Website analytics data: Up to 26 months
  • CCTV footage (if applicable): 30 days unless required for investigation

These retention periods may be extended where:

  • There is an ongoing legal claim or investigation
  • We have a legal obligation to retain the data
  • The data is needed for the vital interests of the individual

When personal data is no longer required, it is securely deleted or destroyed in accordance with our data retention policy.

10. Data Security

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, loss, or misuse, including:

  • Secure, password-protected databases and systems
  • Encrypted data transmission (SSL/TLS) for our website
  • Access controls limiting staff access to personal data on a need-to-know basis
  • Regular staff training on data protection and confidentiality
  • Secure storage and disposal of paper records
  • Regular security audits and updates
  • Incident response procedures

Whilst we take all reasonable steps to protect your data, no data transmission over the internet is completely secure. We cannot guarantee the security of information transmitted to our website, and you do so at your own risk.

11. Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

11.1 Right to Be Informed

You have the right to clear information about how we use your personal data (this Privacy Policy).

11.2 Right of Access

You can request a copy of the personal data we hold about you (a Subject Access Request). We will respond within one month and provide this free of charge in most cases.

11.3 Right to Rectification

You can ask us to correct inaccurate or incomplete personal data.

11.4 Right to Erasure (‘Right to be Forgotten’)

You can request deletion of your personal data where:

  • It is no longer necessary for the purpose it was collected
  • You withdraw consent
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

This right does not apply where we have a legal obligation to retain records (e.g., care records).

11.5 Right to Restrict Processing

You can ask us to restrict processing of your data in certain circumstances, such as when you contest its accuracy.

11.6 Right to Data Portability

You can request to receive your personal data in a structured, commonly used format or ask us to transfer it to another organisation.

11.7 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

11.8 Rights Related to Automated Decision Making

We do not use automated decision making or profiling in our services.

11.9 How to Exercise Your Rights

To exercise any of these rights, please contact us using the details in Section 2. We may need to verify your identity before processing your request. In some circumstances, we may not be able to fully comply with your request (e.g., due to legal obligations), but we will explain our reasons.

12. Cookies

Our website uses cookies to improve your browsing experience and analyse website traffic. Cookies are small text files stored on your device.

We use the following types of cookies:

  • Essential cookies: Necessary for the website to function properly
  • Analytical cookies: Help us understand how visitors use our website (e.g., Google Analytics)
  • Functional cookies: Remember your preferences and choices

You can control and delete cookies through your browser settings. However, disabling certain cookies may affect website functionality.

For detailed information about the cookies we use, please see our separate Cookie Policy.

13. Third-Party Links

Our website may contain links to third-party websites, including social media platforms. We are not responsible for the privacy practices or content of these external sites. Please review their privacy policies before providing any personal information.

14. Children’s Privacy

Our services are designed for adults. We do not knowingly collect personal data from individuals under 18 through our website. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

Where care services are provided to individuals under 18, we obtain appropriate consent from parents or guardians and handle data in accordance with safeguarding requirements.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The updated version will be posted on this page with a revised “Last updated” date.

We encourage you to review this Privacy Policy periodically. If we make significant changes, we will notify existing clients directly where appropriate.

16. Complaints

If you are unhappy with how we have handled your personal data, please contact us first so we can address your concerns.

You also have the right to lodge a complaint with the supervisory authority:

Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Website: www.ico.org.uk

17. Marketing Communications

With your consent, we may send you information about our services, newsletters, or updates. You can opt out of marketing communications at any time by:

  • Clicking the ‘unsubscribe’ link in any marketing email
  • Contacting us directly using the details in Section 2
  • Updating your preferences in your account (if applicable)

Please note that opting out of marketing does not affect essential service communications related to your care.

18. Telephone Call Recording

Telephone calls to and from Harmony Care Partners may be recorded for:

  • Training purposes
  • Quality assurance
  • Resolving disputes
  • Safeguarding

Recordings are stored securely and deleted when no longer needed. You will be informed at the start of a call if it is being recorded.

19. Consent

Where we rely on consent to process your personal data, we will:

  • Clearly explain what you are consenting to
  • Obtain your consent before processing
  • Keep records of consent
  • Allow you to withdraw consent at any time

Withdrawing consent will not affect the lawfulness of processing carried out before withdrawal.

20. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

Harmony Care Partners Ltd
Room 42 Unimix House, Abbey Road, London, England, NW10 7TR
Email: info@harmonycarepartners.org.uk
Telephone: 000 0000 0000
Data Protection Officer: Silvia Kirk | silvia@harmonycarepartners.org.uk

Harmony Care Partners is committed to protecting your privacy and maintaining the trust you place in us.