Privacy Policy

Effective: May 2026 / Governed by UK GDPR & Data Protection Act 2018

1st Healthcare Group Limited ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, store, and protect information about you when you use our website and services.

1. Who We Are

1st Healthcare Group Limited is a registered company in England and Wales. We are a Data Controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Registered Address: Unit 29 Highcroft Industrial Estate, Enterprise Road, Waterlooville, England, PO8 0BT
Company Registration No: 12248763

Data Protection Contact: enquiries@1sthealthcaregroup.co.uk

 

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Full name, date of birth, title, and identification documents

  • Contact Data: Email address, telephone number, home address

  • Health & Care Data: Medical history, care needs, health conditions (where relevant to care services)

  • Employment Data: Job applications, CVs, references, DBS check results (for staff)

  • Technical Data: IP address, browser type, device identifiers, cookies

  • Usage Data: How you interact with our website, pages visited, time spent

  • Financial Data: Bank details for payroll (staff only); invoicing details

  • Communications Data: Enquiries, complaints, correspondence with us

 

3. How We Collect Your Data

  • Directly from you when you contact us, complete a form, or apply for a role

  • Automatically via cookies and tracking technologies on our website

  • From third parties such as referral agencies, CQC, or local authority partners

  • From publicly available sources where lawfully permitted

 

4. Lawful Basis for Processing

We only process your personal data where we have a lawful basis to do so, including:

  • Consent: Where you have given clear consent (e.g., marketing emails)

  • Contract: Where processing is necessary to fulfil a contract with you

  • Legal Obligation: Where required by law (e.g., CQC compliance, employment law)

  • Vital Interests: To protect life in an emergency care situation

  • Legitimate Interests: For our operational needs, fraud prevention, and improving our services

  • Special Category Data: Health data processed under Article 9 UK GDPR with explicit consent or for healthcare provision purposes

 

5. How We Use Your Data

  • To deliver and manage our healthcare and care services

  • To recruit, employ, and manage our staff and care workers

  • To comply with our regulatory obligations (CQC, HMRC, ICO)

  • To respond to your enquiries and correspondence

  • To send service updates and, where consented, marketing communications

  • To maintain the security and functionality of our website

  • To investigate and resolve complaints

  • To carry out safeguarding duties and protect vulnerable individuals

 

6. How Long We Keep Your Data

Data Type

Retention Period

Care recipient records

8 years after last care (or until age 25 for children)

Employee records

6 years after employment ends

Recruitment records (unsuccessful)

12 months

DBS check records

6 months after decision

Website enquiries

2 years

Financial/payroll records

7 years (HMRC requirement)

Accident/incident records

10 years

 

7. Your Rights

Under UK GDPR you have the following rights:

Right

What It Means

Access

Request a copy of the personal data we hold about you (Subject Access Request)

Rectification

Ask us to correct inaccurate or incomplete data

Erasure

Request deletion of your data ("right to be forgotten") where applicable

Restriction

Ask us to limit how we use your data

Portability

Receive your data in a structured, machine-readable format

Objection

Object to processing based on legitimate interests or direct marketing

Withdraw Consent

Withdraw any previously given consent at any time

To exercise any of these rights, contact us at enquiries@1sthealthcaregroup.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or call 0303 123 1113.

 

8. Data Sharing & Third Parties

We may share your data with authorised third parties only where necessary, including:

  • Regulatory bodies: CQC, ICO, HMRC

  • Local authorities and NHS commissioning bodies

  • DBS checking services

  • Our IT system providers (under data processing agreements)

  • Insurance providers and legal advisers

  • Payroll and HR service providers (for staff)

We do not sell your personal data to any third party, ever.

 

9. Privacy Queries 📬

Data Controller: 1st Healthcare Group Limited

Email: enquiries@1sthealthcaregroup.co.uk

Call us at 0203 633 0745 or request a callback today

and our team will help you find the right care solution tailored to your needs.