Carer Support South Lakes Website Privacy Policy
This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
Carer Support Cumbria, holds the All Age Carers Contract from Cumbria County Council and subcontracts the five Carers Organisations in Cumbria to deliver the work.
Legislation
CSSL will seek to comply with the GDPR in the way it collects, processes, maintains, stores and disposes of data, ensuring it is:
- processed lawfully, fairly, and in a transparent manner
- collected for specified, explicit and legitimate purposes
- adequate, relevant and limited to what is necessary for the purpose for which the data is processed
- accurate and where necessary kept up-to-date
- not kept for longer than is absolutely necessary for its given purpose
- subject to appropriate security to safeguard against unauthorised or unlawful use, destruction or damage
CSSL is also required to demonstrate how it is complying with its obligations under the GDPR, by ensuring that appropriate systems, controls and procedures are in place.
CSSL will also seek to comply with the Caldicott Principles, which apply to regulated care and support services and govern the use and management of personal information that allows an individual to be identified. We will:
- be able to justify the purpose of how they use and manage such information
- not use it unless it is necessary
- use the minimum necessary amount of information
- ensure it is accessed on a strict need-to-know basis
- ensure those accessing such information are aware of their responsibilities
- understand and comply with the law
- be aware that the need to share information can be as important as the duty to protect an individual’s confidentiality.
With regard to data protection and the processing of confidential information, CSSL will also, where applicable, seek to comply with:
- Access to Health Records Act 1990
- General Data Protection Regulation (GDPR) 2018
- Human Rights Act 1998
- Mental Capacity Act 2005
- Protection of Freedoms Act 2012
- Health and Social Care Act (2008)
- Care Act 2014
Personal information that this website captures and uses
This website captures and use personal information for the following reasons:
Site visitation tracking:
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor.
GA makes use of cookies, details of which can be found on Google’s developer guides. FYI our website uses the analytics.js implementation of GA.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
Contact forms:
Should you choose to contact us using on our ‘Contact Us’ page or sign up to our Mailchimp newsletter. All traffic (transferral of files) between our website and your browser is encrypted and delivered over HTTPS.
This website does not store personal information instead it transfers information to our server via email and is then erased.
About this website’s server
This website is hosted by Kualo, whose UK based services are housed in our UK datacenter which is operated by Gyron Internet, and is audited to ISO 27001 standards:
Their external Certifications include:
- ISO 27001: Information Security Management System
- ISO 14001: Environment Management System
- ISO 9001: Quality Management System
Data Breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Data Controller
The data controller of this website is: Carer Support South Lakes, a Company Limited by Guarantee, registered in England & Wales with company number: 7567467
Carer Support South Lakes registered offices are:
Carers Hub
3 Wainwright’s Yard
Kendal, LA9 4DP
Cumbria, UK
Changes to our privacy policy
We review our Data Protection Policies, Procedures & Notices annually and may make changes to this Notice from time to time. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.
Change log
17/4/2019 – Privacy policy instigated