Crossroads Care Wokingham

Privacy Policy

Crossroads Care Wokingham Privacy Policy It’s important you read this Privacy Policy carefully because it contains important information about why and how we collect, use, share and store personal information about you. It also tells you your rights in relation to your personal information, including the right to access it, and who you need to contact if you want to make a complaint.

  • 1:
    Personal data

    ‘Personal data’ is any information that relates to a living, identifiable person. This data can include your name, contact details, and other information we gather as part of our relationship with you. It does not cover information where your identity has been removed (anonymous data) ‘

    Sensitive information’ is information about a person’s race or ethnic origin, religious, political or other beliefs, physical or mental health, sexual orientation. The collection and use of these types of data are subject to strict controls.

    As the ‘controller’ of your personal information, we are responsible for how this data is managed. The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 sets out our obligations to you and your rights in how we manage your personal information.

    We need to collect sensitive/personal data from you because without it we won’t be able to create a suitable care plan and to provide you with suitable care services.

    We collect your personal data mostly through our contact with you, and the data is usually provided by you, but in some instances, we may receive data about you from other people/organisations. We will explain more about this below.

    As the ‘controller’ of your personal information, we will ensure that the data we hold about you is:

    • Used lawfully, fairly and in a transparent way
    • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
    • Relevant to the purposes we have told you about and limited only to those purposes
    • Accurate and kept up to date
    • Kept only for as long as necessary 2
    • Kept and destroyed securely.

    Please see the section on Your Rights for more information.

    Please note when we refer to

    a ‘public body‘: we mean any organisation in the UK which delivers, commissions or reviews a public service and includes (but is not limited to) Wokingham Borough Council, the National Health Service, the Ombudsman and the Care Quality Commission (CQC).

    a ‘health or social care professional‘: we mean any person who provides direct services, acts as consultant or is involved in the commission of your healthcare or social care services, including (but not limited to) your general practitioner (GP), dental staff, pharmacists, nurses and health visitors, clinical psychologists, dieticians, physiotherapists, occupational therapists, hospital staff, social workers and other care and support related professionals.

  • 2:
    Who we are

    Crossroads Care Wokingham is a registered charity (No. 1128216) and a Company Limited by Guarantee registered in England and Wales (No.06768350). Our contact details are:

    • Address: Wokingham Community Hospital, 41 Barkham Road, Wokingham, RG41 2RE
    • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
    • Telephone number: 0118 979 5324

    We are also known by our trading name Crossroads Care Wokingham.

    If you have any questions about our Privacy Policy or other issues about data protection please contact our Data Protection Lead on Tel: 0118 979 5324 or email: This email address is being protected from spambots. You need JavaScript enabled to view it..

  • 3:
    What personal data do we collect

    What personal data do we collect and use in relation to people who enquire about and use our services?

    When you ask about our care services via our website, phone, email, post, face-to-face or on social media, and during the course of providing care services to you, we collect the following personal information when you provide it to us:

    1. Your name, home address, date of birth, gender and contact details (including your telephone number, email address) 
    2. Information about your next of kin, emergency contacts details and power of attorney. (i.e. name, relationship, home and telephone numbers)
    3. Your personal care plan including assessment of your needs and preferences, health conditions, medication information, communication methods, mobility assistance and risk assessments
    4. Information relating to resuscitation requirements • Contact details for your GP
    5. Your likes, dislikes and lifestyle preferences (including your religious beliefs, racial or ethnic origin, health and sexual orientation (so far as they relate to providing you with suitable care)
    6. Your feedback and contributions to questionnaires and surveys about the service we offer
    7. Your complaints, compliments or concerns about the service we provide
    8. Any accidents and incidents or near misses you may have been involved in whilst on our premises or whilst our employees are delivering a service to you – this may include details of injuries and treatment you may have received.
  • 4:
    Cookies On Our Website

    Cookies are small files which websites store on your computer and which contain various types of information about your visit to a website. They are not viruses or malicious software but they are generally aimed at providing you with a good experience when browsing a site by, for example, remembering your preferences so that you do not need to reset them every time you visit the website.

    Cookies can record information about how you browse the internet. They can therefore be used by websites to advertise goods and services which, based on your browsing history, are similar to goods and services which you have previously searched online. This is why some users reject or delete cookies.

    Cookies normally expire after a length of time which can vary from a few minutes to more than a year. Some cookies are ‘session cookies’ which are deleted when you close your internet browser or after a period of inactivity. Others are ‘persistent cookies’ which remain on your computer until their expiration date.

    We do not store cookies on your computer without your consent unless they have the sole purpose of carrying out the transmission of communications or they are strictly necessary for providing an online service.

    You may restrict or block cookies which are set by any website through your browser settings. Your browser settings also allow you to clear your browsing history and delete cookies. Information about how you can do this can be found on this link Mobile devices may have their own settings and you need to refer to the manual of the device. Please note that restricting or disabling cookies may impact the functioning of parts of our website.

    Links to external websites that are made available through the Crossroads Care Wokingham website or in any of our publications are for the purpose of convenience or citation. Crossroads Care Wokingham is not responsible for the content or privacy policies of these other pages. We encourage visitors to review each site’s privacy policy before disclosing any personally identifiable information.

  • 5:
    Information collected from other sources

    We work closely with third parties such as health and social care professionals and public bodies. We therefore also obtain personal information about you from other sources such as:

    • Your allergies and any medical, physical or mental conditions, assessments and in particular your care and support needs, from any appropriate external health or social care professionals
    • Your name, home address, date of birth, contact details, needs assessments from any appropriate external health or social care professionals (including any relevant public body regardless of whether you are publicly funded)
    • Your likes, dislikes and lifestyle preferences (including your religious beliefs or other beliefs of a similar nature, racial or ethnic origin, health and sexual orientation (so far as they relate to providing you with suitable care) from your family, friends and any other person you have nominated as your representative
    • Your legal representative (for example Lasting Power of Attorney), if applicable.
  • 6:
    How we use your personal information

    We use your personal information to: 

    1. Prepare, review and update a suitable care support plan, describing the nature and level of care and support services which you have requested 
    2. To communicate with you, your representatives and any appropriate external health or social care professionals about your individual needs and personalise the service delivered to you
    3. Respond, should your care needs change, to meet your individual needs and ensure the safety of you and your Care Support Worker
    4. Invoice you for the care and support services you receive in accordance with the contractual terms and conditions
    5. Carry out quality visits and surveys to monitor the effectiveness of our services and improve our customer experience
    6. Send information about our services and events which we believe you may be interested in. You can unsubscribe from this at any time
    7. Notify you about changes to our services which are relevant to you
    8. Respond to you following an enquiry received via our website.
  • 7:
    Who we share your personal information with

    We may share your medical information with appropriate external health or social care professionals (including your GP and pharmacist) and any individuals you have nominated as your representative as and when required. This data sharing enables us to establish the type of care and support you need, it also allows us to work with you to design the right care package to suit your individual needs.

    We will share personal information with law enforcement or other authorities if legally required to do so. This includes information required by public bodies to evidence our compliance with the applicable regulatory framework. We are also required to share personal information with external health or social care professionals, including public bodies and local safeguarding groups (in some circumstances) to ensure your safety.

    We will share relevant personal information with Care Support Workers and the Care Management Team on a need to know basis, in order to provide you with safe and effective services.

    We will share information with our insurance company and where applicable to the Health & Safety Executive, following accidents & incidents.

    In order to deliver our service to you, we rely on certain third organisations to provide specialist support to us. To provide this support they will have access to or a duty of care over your personal information. These providers are:

    • IT and Telecoms Support companies – to ensure the safe, secure and resilient operation of our IT infrastructure including computers, servers, phones and mobile devices
    • Software support companies – to provide specialist support and resolve issues with the software that we run, for example, the systems we use to store and manage your customer records
    • Data archiving companies – responsible for the secure storage and destruction of records. These providers operate under a written contract to ensure the same level of privacy and security that we promise to you.

    We will definitely not:

    • share, your personal information with any other third party without your consent
    • sell or trade your personal information with any other third party.
  • 8:
    How long your personal information will be kept

    Some retention periods are based on legal requirements while others take into account practical needs to keep the data.

    Information about how long we process your data for can be found in our Data Retention Schedule (available on Tel: 0118 979 5324).

    Once the applicable retention period expires, unless we are legally required to keep the data longer, or there are important and justifiable reasons why we should keep it, we will securely delete the data.

    In general terms, we process your data in order to manage our relationship with you. The table below lists more specific purposes for processing your data, and the legal basis for each type of processing.

  • 9:
    How do we protect your data?

    The confidentiality and security of your information is of paramount importance to us. We have appropriate organisational and technical security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

    Security measures in place:

    1. Data Protection Policy
    2. Information Governance Audits
    3. Password protected computers and Management IT systems.

    We may engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

    We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

  • 10:
    Reasons we can collect and use your personal information

    We rely on the following grounds within the GDPR:

    1. Article 6(1)(a) – processing is conducted with your consent to process personal data for specified purposes
    2. Article 6(1)(b) – processing is necessary for the performance of our contracts to provide individuals with care and support services
    3. Article 6(1)(c) – processing is necessary for us to demonstrate compliance with our regulatory framework and the law
    4. Article 6(1)(f) – to process your personal data in pursuit of legitimate interests, which include:
      1. Events and Fundraising Information – the privacy impact on you is expected to be minimal. Information will be specific to events we believe are of interest to you using information from enquiries we receive from you, you can unsubscribe at any time.

    GDPR recognises that additional care is required when processing special category (sensitive) data such as your health. We process this under the following grounds within GDPR:

    • Article 9(2)(h) – processing is necessary for the provision of social care or the management of social care systems and services

    At times, we may further process data which we have already collected. We will only do this if the new purpose for processing it further is compatible with the original purpose that the data was collected for. We will tell you about any further processing before carrying it out.

  • 11:
    How we store your data

    Your personal data is held in both hard copy and electronic formats.

    Electronic data, including emails, is stored on our servers, which are located in the UK and may be stored on our software suppliers’ servers in the European Union. These offer the same level of legal protection and rights over your data.

  • 12:
    Your rights

    As a data subject, you have the following rights, without charge, in relation to your personal data processed by us:

    1. To be informed about how your data is handled • To gain access to your personal data
    2. To have errors or inaccuracies in your data changed
    3. To have your personal data erased, in limited circumstances
    4. To object to the processing of your personal data for marketing purposes or when the processing is based on the public interest or other legitimate interests
    5. To restrict the processing of your personal data, in limited circumstances
    6. To obtain a copy of some of your data in a commonly used electronic form, in limited circumstances.

    For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

  • 13:
    Withdrawing consent

    If we are relying on your consent to process your data, you may withdraw your consent at any time.

  • 14:
    Exercising your rights, queries and complaints

    For more information on your rights, if you wish to exercise any right or for any queries you may have or if you wish to make a complaint, please our office on Tel: 0118 979 5324 and ask to speak to our Data Protection Lead who has responsibility for data protection.

  • 15:
    Complaints to the Information Commissioner

    You have a right to complain to the Information Commissioner's Office (ICO) about the way in which we process your personal data. You can make a complaint on the ICO’s website

  • 16:
    Changes to this privacy policy

    This privacy policy was updated on 24th May 2018.

    We may change this privacy policy from time to time, when changes are significant we will draw your attention to this via our website

Crossroads Care... The people carers turn to

Crossroads Care Logo Horizontal
Charity Registration Number: 1128216.
The Crossroads Care trade mark is a collective mark. Wokingham Crossroads is a Private company limited by guarantee without share capital registered in England & Wales Number: 06768350. Registered office: Wokingham Hospital, Barkham Road, Wokingham, Berkshire, RG41 2RE.
© 2021 Crossroads Care Wokingham.
All rights reserved.