Last updated May 2019.
Balhousie Care Group (BCG) are committed to protecting and safeguarding your privacy when dealing with your personal information and will only use the information that we collect about you lawfully and in accordance with the relevant legislation.
This privacy notice provides details about the information we collect about you, how we use and protect it. It also provides information about your rights.
If you have any questions about how we handle your information, please contact us at firstname.lastname@example.org
Privacy – Data protection principles
BCG will comply with data protection law including the 6 principles of GDPR. This means that when processing your personal data we will;
Balhousie Care Group is a “data controller”. This means that we are responsible for determining the purpose and means of processing personal data relating to you.
“Personal data”, or “personal information”, means any information relating to an identified, or identifiable individual in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
There are “special categories” of sensitive personal data, meaning data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health conditions, sex life or sexual orientation, genetic data, and biometric data which require a higher level of protection.
Scope of our privacy notice
This privacy notice applies to anyone who interacts with Balhousie Care Croup (‘BCG’) about our services and products, in anyway (e.g. email /website/post).
Personal Information that BCG collects and why we collect it
Personal Information includes
The list below identifies the kind of data that we will hold about you:
Sensitive personal data may include:
BCG also collect sensitive personal data , which is define as any information concerning certain information about an individual including health data and requires stricter protection.The following list identifies the kind of data that that we will process and which falls within the scope of “special categories” of more sensitive personal information:
What we use your personal data for
BCG will only administer personal information in accordance with the lawful bases for processing. The purposes for which at least one of the following will apply when we process personal data:
Along with our business and internal computer systems, BCG’s website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
The data currently collated on the website is limited, and primarily deals with contact details for both prospective employees and residents.
Website – cookies
When you visit a website, it may send small files to your computer called cookies. These cannot be used to identify you personally, but can make the website work more efficiently for you by improving the time required to access pages and reducing the number of times you need to enter information. Cookies also enable website owners to understand how people are using the website so they can improve the online experience they provide. Most browsers can be programmed to reject cookies, or to warn you before you download them, however this may hamper your experience of the websites you visit. Information on how to manage cookies may be found in your browser’s help button, or in more detail on websites like
Like most websites, BCG’s website, uses Google Analytics (GA) to track user interaction. This data is used to determine the number of people using the BCG website to better understand how they find and use our web pages.
Although GA records such data as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor.
Website – Blog
Should you choose to add a comment to any posts that have been published on our website, the name and email address you enter with your comment will be saved to the website’s database, along with your computer’s IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third party data processors detailed below. Only your name will be shown on the public facing website.
1.) Remove the comment or 2.) Remove the blog post. Should you wish to have the comment and its associated personal data deleted, please e-mail us at email@example.com using the e-mail address you commented with.
If you are under 16 years of age you must obtain parental consent before posting a comment on our blog.
Please note that you should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on to this website.
Website – Contact Forms and E-Mail Links
If you contact BCG using any of the contact forms on our website or an e-mail link, none of the data that you supply will be stored by this website or passed to be processed by any third party data processors as detailed below. Instead the data will be collated into an e-mail and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by encryption before being sent across the internet. The e-mail content is then decrypted by our local computers and devices.
Website – Storage of Personal Information
As detailed in the blog section above, if you submit a comment some of your personal data will be stored on BCG’s website and is the only element of personal data that is stored on the website.
BCG’s Website Servers are hosted by Heart Internet Limited based in Leeds
Third Party Data Processors
We use a number of third parties to process personal data on our behalf. These third parties have been selected using certain criteria and comply with the relevant legislation set out above.
BCG do not anticipate that any of our decisions will occur without human involvement. Should we use any form of automated decision making we will advise you of any change in writing.
How long is personal information retained.
BCG anticipate that we will retain your data as part of the care process for no longer than is necessary for the purpose for which it was collected.
BCG have given consideration to the following in order to decide the appropriate retention period:
At the end of the retention period, upon conclusion of any contract BCG may have with you, or until we are no longer legally required to retain it, it will be reviewed and deleted, unless there is some special reason for keeping it. Occasionally, BCG may continue to use data without further notice to you. This will only be the case where any such data is anonymised and you cannot be identified as being associated with that data.
Individual rights in relation to your data
BCG commit to ensure that any data we process is correct and up to date. It is your obligation to make us aware of any changes to your personal information.
Under European data protection law and under certain circumstances, you may have the;
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that BCG transfer a copy of your personal information to another party, please contact the Data Protection Officer in writing at the below address.
You will not have to pay a fee to access your personal data or to exercise any of the other rights under data protection legislation. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
BCG may need to request specific information from you to help confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email firstname.lastname@example.org. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Security of your personal data
BCG will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
BCG will securely store all the personal information that is provided electronically on our firewall and password protected servers. Personal information that is stored manually will be securely stored in an appropriate way.
Please let us know if the personal information which BCG hold about you needs to be corrected or updated.
QUESTIONS OR COMPLAINTS
BCG seek to resolve directly all complaints about how we handle personal information. Should you have any questions regarding this statement, please contact the Data Protection Officer, Earn House Lamberkine, Drive Perth PH1 1RA telephone 01738 254 254.(email@example.com)
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.