Privacy & Cookie Policy

1. Introduction

LV Care Group is wholly committed to complying with the Data Protection (Jersey) law 2018. Our policy is written with the aim of ensuring that all employees who have access to any client and staff data do so in a manner compliant with this legislation. Staff receive annual data protection training to ensure that they are aware of their professional responsibilities with regard to handling data.

This Data Protection Notice is part of LV Care Group’s ‘best practice’ approach to data protection. The Notice provides a concise statement of how we collect, use and disclose personal data and the rights of individuals.

At LV Care Group, we operate a transparent and clear policy to comply with data protection. In order for our data protection notice to be as accessible as possible, we include explanations of the terms used.

Data

Data is information which is being processed about a living, identifiable person. Data must only be used for the reason that it was collected. Data is categorised as either personal or special. Personal data is any information referring to a data subject; examples include name, identification number, location data, date of birth. Special data is sensitive and examples include information about ethnicity, race, religious views. Neither of the examples for personal or special data are exhaustive. For the purpose of this notice, ’data’ refers to both personal and sensitive data.

Data Subjects

An identifiable, living person, who can be identified either directly or indirectly.

Processing

Processing data refers to any operations being performed with personal data. This may include collecting, using, storing and disposing of the data.

Data Controllers

A controller decides the purpose for which the data is processed, and how that data is processed. LV Care Group and its subsidiary companies act as a data controller for clients and staff. Other data controllers may include departments of the States of Jersey and GP surgeries.

Data Processors

Data processors are appointed by the data controller to carry out processing tasks on data. Examples include employing a processor to shred data, a company who creates our staff ID cards and departments of the States of Jersey. This list demonstrates examples and is not exhaustive.

2. Who is collecting the data?

At LV Care Group, we offer a wide range of care services within the Channel Islands. Your data is only handled by staff who need access to the information for a legitimate, operational need. Access to data is regularly audited by our Data Protection Officer.

3. How do we collect your data?

We collect your personal data in a number of ways, for example:

  • from the information you provide to us;
  • from information shared with us by yourself or other professionals.

4. What data is being collected?

For clients, your data is collected to ensure the best possible care is delivered. We only ever collect data which is relevant to an individual’s care. Staff data is collected only for employment purposes. The data is kept as accurately and up-to-date as possible. You add data to that we already have from you at any time.

5. Where is the data stored?

Data is stored in compliance with legislation and best practice guidelines. Some data is stored electronically, whilst some data is stored in paper format, and locked away for safety. The software which is used to store data electronically will have been risk assessed by our Data Protection Officer prior to being used for the purposes of storing data. If you have concerns about where or how your data is stored, you can contact the LV Care Group Data Protection Officer to discuss further.

6. What is the legal basis for processing the data?

LV Care Group will always endeavour to obtain your permission to process your data prior to doing so. In some circumstances, such as employment and healthcare, we have a legal obligation to collect and process your data. We will only process data if there is a legitimate and necessary interest. Data handled by the LV Care Group will not be transferred or distributed outside of Jersey, unless there is a legitimate and/or justifiable reason to do so.

7. Will the data be shared with any third parties?

Data will only be shared with your consent. This consent will only be superseded in circumstances such as safeguarding and if there is a legal obligation.

Third parties who we share data with may include States of Jersey departments, GPs and other healthcare professionals. Although not a legal requirement, we endeavour to have Data Sharing Agreements with third parties, prior to sharing information. These agreements stipulate the responsibility of both parties with regards to information sharing.

Some of our processing duties are outsourced. For example, we employ companies to undertake the shredding of confidential documents, and we use computer software to process data. All third parties who carry out processing duties on our behalf will have signed a Data Processor Contract, outlining their responsibilities.

8. How will the data be used?

Data will be used to ensure that all clients and employees are kept safe, and receive the best personalised care possible. Staff data will be used to carry out terms of employment.

9. How long will the data be stored for?

We will only retain data for as long as is necessary under law and best practice guidelines. For medical data, where there is not a legal stipulation, we follow guidance available by the Information Governance Alliance.

10. What are your individual rights?

Under the Data Protection (Jersey) law 2018, you have the following data protection rights:

  • Right to be informed – You have the right to receive clear and easy to understand information about why your information is being collected/processed, who the information will be given too, how long it will be stored for, and the categories of data collected. This information is written for clients and employees in a Fair Processing Notice.
  • Right to access health records – You have the right to know what data is being stored about you. If you would like to know what data is stored about you (Subject Access Request), please contact the Data Protection Officer. Information will then be provided to you in accordance with the law.
  • Right to rectification – If the data stored about you is inaccurate or incomplete, you can request that it is corrected.
  • Right to be forgotten – In certain circumstances, you can request for your data to be erased. As LV Care Group is a healthcare business, we are legally obliged to keep some healthcare data, even if you request for its erasure.
  • Right to restrict processing – In certain circumstances, you can request that we do not process your data, or that we restrict how we process your data.
  • Right to data portability – When data processing is automated, you can request to see the data given to the Controller in a structured and readable format. You can also request that automated data is transferred to another Controller, where it is feasible to do so. This right is not applicable when the rights/freedoms of others may be affected.
  • Right to object – You have the right to object to your data being processed, unless the processing is for a legitimate reason (i.e. for reasons of public interest). You have the right to object to your data being used for marketing.

11. Fair Processing Notices

All of our clients will be asked to sign a Fair Processing Notice. This Notice explains what data we will be collecting, why we will be collecting it, who we will be sharing it with, and how long we will be keeping it for. Clients who cannot sign their own form can have their Notice signed by a next of kin/a person who has power of attorney/nominated person.

Staff will also be asked to sign a Fair Processing Notice which details what data we will be collecting, why we will be collecting it, who we will be sharing it with and how long we will be keeping it for.

Both clients and staff have the right not to sign a Fair Processing Notice, however in restricting our ability to collect and process data may restrict your care/employment opportunities.

Copies of the Fair Processing Notices can be gained from our Data Protection Officer.

12. How can I raise a complaint?

If you have concerns about anything to do with the data we keep about you, you should contact our Data Protection Officer via telephone: 01534 888237, or email: verity@lv.je.

The complaint will be investigated, and the relevant procedures will be followed. If we find that a serious data breach has occurred, we will report the breach to the Office of the Information Commissioner within 72 hours of being made aware of the breach. Minor breaches will be dealt with in-house. All breaches are appropriately documented.

Further information about Data Protection is available through the Office of the Information Commissioner: www.oicjersey.org

13. Contact details

For further information on any aspect of Data Protection on this page, please contact our Data Protection Officer:

Verity Sangan, Compliance and Special Projects Manager
LV Care Group
24 Beresford Street
St. Helier
JE2 4WN
01534 888237
verity@lv.je

Cookies

What are cookies?

A cookie is a text-only string of information that a website transfers to your computer via the browser for either the essential functionality of that website or to improve the performance for the user. Cookies aren’t viruses and we cannot access or save any personal data on your computer when you accept them.

Why are cookies important?

These anonymous markers let us temporarily remember who you are, allowing us to make sure we give you the best user experience during every visit. No cookies used by this site are a threat to your privacy.

Disabling/Enabling Cookies

You can accept or decline cookies at any time by modifying the settings in your browser preferences. Please bear in mind that declining all cookies may prevent you from being able to use certain areas and functions of the site.