Scotia Homecare Solutions Limited
Scotia Homecare Solutions Limited
  • Home
  • Our Services
  • Care Inspectorate
  • Careers
  • Meet the team
  • Podcast Shorts
  • Contact Us
  • Privacy Policy
  • Modern Slavery Policy
  • More
    • Home
    • Our Services
    • Care Inspectorate
    • Careers
    • Meet the team
    • Podcast Shorts
    • Contact Us
    • Privacy Policy
    • Modern Slavery Policy
  • Home
  • Our Services
  • Care Inspectorate
  • Careers
  • Meet the team
  • Podcast Shorts
  • Contact Us
  • Privacy Policy
  • Modern Slavery Policy

Privacy Policy

  

1. Introduction

Scotia Homecare Solutions Limited is committed to protecting your privacy and ensuring that personal data is processed lawfully, fairly and transparently. This Privacy Policy explains how we collect, use, store and protect personal data relating to:

  • employees, workers and consultants; and
  • clients, service users and individuals whose information we receive from local authorities and other stakeholders.


This statement is provided in accordance with the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR).


2. Data Controller

Dawn McFarlane is the data controller for the personal data described in this Privacy Statement.

Contact details:
Dawn McFarlane, Director
Email: careers@scotiahomecare.com

Registered Address: The E-Centre, Cooperage Way Business Village, Cooperage Way, Alloa, Scotland, FK10 3LP
 

3. Data Protection Principles

We process personal data in accordance with the data protection principles. Personal data must be:

  • processed lawfully, fairly and transparently;
  • collected for specified, explicit and legitimate purposes;
  • adequate, relevant and limited to what is necessary;
  • accurate and kept up to date;
  • retained only for as long as necessary; and processed securely.


4. What Is Personal Data?

“Personal data” is information that identifies, or can identify, a living individual. This includes data provided directly by individuals, data received from third parties (such as local authorities or partner agencies), and data created by us in the course of delivering services.


This Privacy Statement applies to personal data held in all formats, including electronic and paper records.


5. Categories of Individuals Whose Data We Process

We may process personal data relating to:

  • employees, workers and consultants;
  • clients and service users; and
  • individuals whose data is shared with us by local authorities, commissioners, referrers, and other stakeholders.


6. Personal Data We Collect

a. Workforce Data

We collect and process workforce data as described in our staff privacy arrangements, including recruitment, employment, payroll, performance, training and compliance information.


b. Client and Service User Data

We may collect and process the following types of personal data about clients and service users:

  • name, address, date of birth and contact details;
  • unique identifiers or reference numbers;
  • family, household and emergency contact details;
  • information      about needs, assessments, support plans and outcomes;
  • records of services provided and interactions with us;
  • safeguarding information;
  • communications  with us, including emails, letters and call records;
  • images or CCTV footage where relevant for safety and security.


c. Data Received from Local Authorities and Other Stakeholders

We may receive personal data about clients from:

  • local  authorities;
  • NHS bodies;
  • commissioning organisations;
  • regulatory bodies;
  • partner agencies and service providers; and
  • other relevant stakeholders.


This data may include referral information, assessment reports, funding and commissioning details, safeguarding information, and case management records.


7. Special Category and Criminal Data

We may process special category personal datarelating to clients and service users, including information about:

  • physical or mental health;
  • disabilities and support needs;
  • racial or ethnic origin;
  • religious or philosophical beliefs (where relevant to care);
  • sexual orientation or sex life (where relevant to support); and
  • biometric data (where applicable).


We may also process data relating to criminal allegations or convictions where this is necessary and lawful, including for safeguarding, risk management and regulatory compliance.


8. Lawful Basis for Processing

We process personal data on one or more of the following lawful bases:

  • Performance of a contract – where processing is necessary to deliver services or meet contractual obligations;
  • Legal obligation – where required by law, including safeguarding,      employment, tax and regulatory requirements;
  • Public task – where processing is necessary to carry out tasks in the public interest or under official authority (for example, services commissioned by local authorities);
  • Legitimate interests – where necessary for our business operations and not overridden by individuals’ rights; and
  • Consent  – where required by law, particularly for certain special category data (which may be withdrawn at any time).


9. How We Use Client and Stakeholder Data

We use client and stakeholder data to:

  • assess referrals and eligibility for services;
  • deliver, manage and review services and support;
  • comply with safeguarding duties;
  • communicate with clients, families, carers and professionals;
  • manage funding, commissioning and reporting requirements;
  • monitor  quality, outcomes and service improvement;
  • protect the health, safety and welfare of individuals; and
  • comply with legal, regulatory and contractual obligations.


We do not carry out automated decision-making or profiling.


10. Sharing Personal Data

We may share personal data with:

  • local authorities and commissioners;
  • healthcare professionals and partner agencies;
  • regulators, inspectors and ombudsmen;
  • insurers and professional advisers; and
  • service providers who support our operations.


All third parties are required to process personal data lawfully, securely and only in accordance with our instructions.


11. International Transfers

We do not routinely transfer personal data outside the UK or European Economic Area (EEA). If this becomes necessary, appropriate safeguards will be put in place and individuals will be informed.


12. Data Security and Retention

We take appropriate technical and organisational measures to protect personal data. Personal data is retained only for as long as necessary, in line with legal, regulatory and contractual requirements.


13. Your Data Protection Rights

Individuals have the right to:

  • be informed about how their data is used;
  • access their personal data;
  • request correction of inaccurate data;
  • request erasure in certain circumstances;
  • restrict processing;
  • object to processing based on legitimate interests or direct marketing;
  • request data portability (where applicable);
  • not be subject to automated decision-making; and
  • be notified of certain data breaches.

Requests can be made by contacting the Director.


14. Subject Access Requests

Individuals may make a written subject access request to obtain a copy of their personal data. We will respond within one month, unless an extension is permitted by law.


15. Data Breaches

Where a personal data breach poses a risk to individuals’ rights and freedoms, we will notify the Information Commissioner’s Office (ICO) and affected individuals where required.


16. Complaints

Concerns about data protection can be raised with us directly on the contact details above. Individuals also have the right to complain to the Information Commissioner’s Office via www.ico.org.uk.

Copyright © 2025 Scotia Homecare Solutions Limited - All Rights Reserved.

Powered by