Privacy Notice
1. Who We Are
Oak Lodge Care Home is committed to protecting and respecting your privacy. This Privacy Notice explains how we collect, use, and safeguard the personal data of our residents, visitors, staff, and business contacts.
Data Controller:
Restgate Ltd2 Peveril Road
Northampton NN5 6JW 01604 752525 oaklodge10@btinternet.com
2. What Information We Collect
We may collect and process the following types of personal data:
- Residents: Name, date of birth, health and care records, emergency contact details, financial details for payment, medication records, dietary needs, religious or cultural preferences, and legal documents.
- Visitors & Family: Name, contact details, relationship to resident, visiting logs.
- Staff and Volunteers: Employment records, qualifications, DBS checks, payroll information.
- General Contacts: Contractors’ and suppliers’ contact information, communications.
3. How We Collect Your Information
We collect data:
- Directly from residents, families, staff, and healthcare providers
- Via forms, care assessments, correspondence, or in-person interactions
- Through CCTV (for safety and security, if applicable)
4. Why We Use Your Information
We process your personal data to:
- Deliver safe and effective care
- Meet our legal and regulatory obligations (e.g., CQC, safeguarding, medication records)
- Communicate with families and professionals
- Manage payments, contracts, and staffing
- Ensure the security of our premises and individuals
5. Lawful Basis for Processing
We rely on one or more of the following legal bases:
- Consent – Where you have given us clear permission
- Contract – When processing is necessary for a contract (e.g., resident care agreement)
- Legal Obligation – To comply with the law (e.g., safeguarding duties)
- Vital Interests – To protect someone’s life
- Public Task – For official functions or duties
- Legitimate Interests – For our business operations (when not overridden by your rights)
We may also process special category data (e.g., health information) for care provision, with appropriate safeguards.
6. Sharing Your Information
We only share personal data when necessary, such as with:
- NHS and healthcare providers
- Local authorities and safeguarding teams
- Care Quality Commission (CQC)
- Emergency services
- Trusted contractors (e.g., for IT or payroll), under data processing agreements
7. How We Store and Secure Your Data
Your data is stored securely on-site and/or in encrypted digital systems. We implement appropriate technical and organizational measures to protect it from unauthorized access, loss, or misuse.
8. How Long We Keep Your Data
We retain personal data only as long as necessary to meet legal, contractual, or care-related obligations. Typical retention periods:
- Resident records: 8 years after the end of care (or longer for children)
- Staff records: 6 years after employment ends
- Visitor logs: 1 year
- CCTV footage: 20 days (unless required for investigation)
9. Your Rights
You have rights under the UK GDPR, including:
- The right to access your data
- The right to correct inaccurate data
- The right to erase data (in certain circumstances)
- The right to restrict or object to processing
- The right to data portability (in some cases)
- The right to withdraw consent (where applicable)
- The right to lodge a complaint with the ICO
To exercise your rights, contact us at - Oakmanager@btinternet.com
10. Contact and Complaints
If you have concerns about how your data is handled, please contact:
Data Protection Lead
Tal Kaur
Registered Manager
You can also contact the Information Commissioner's Office (ICO):
