Privacy Policy

1. Introduction

This is Unicorn Healthcare Services’ Privacy Notice.
As part of the services we offer, we are required to process personal data about our staff, our service users and, in some instances, the friends or relatives of our service users and staff. “Processing” can mean collecting, recording, organising, storing, sharing or destroying data.
We are committed to being transparent about why we need your personal data and what we do with it. This information is set out in this privacy notice. It also explains your rights when it comes to your data.
If you have any concerns or questions, please contact us: 01472 403 666 or via email at enquiries@uh.services.

2. Service Users

What data do we have?

  • Basic details and contact information (name, address, date of birth, next of kin)
  • Financial details (payment or funding arrangements)
  • Special category data: health and social care data (physical and mental health), race, ethnic origin, sexual orientation, religion

Why do we have this data?

  • Legal obligation under Health and Social Care Act 2012 or Mental Capacity Act 2005
  • Necessary for social security and social protection law (e.g., safeguarding)
  • Necessary for providing and managing social care services
  • Required for Care Quality Commission (CQC) compliance
  • May process with your consent

Common law duty of confidentiality
Satisfied by consent, legal requirement, or overriding public interest (e.g., sharing with police for serious crime prevention).

Where do we process your data?
Collected from you or legal representatives, and shared with:

  • Health and care system (hospitals, GP, pharmacy, social workers)
  • Local Authority
  • Family/friends (with permission)
  • Organisations with legal obligations (CQC, safeguarding)
  • Police or law enforcement (by law or court order)

3. National Data Opt-Out

We review annually whether the national data opt-out applies. If applicable, we use MESH to check opt-outs.
Currently, we do not share data for planning or research purposes under this scheme.
More info: www.nhs.uk/your-nhs-data-matters.

4. Staff

What data do we have?

  • Basic details (name, address, date of birth, NI number, next of kin)
  • Financial details (pay, insurance, pension, tax)
  • Training records
  • Special category data (health data if necessary, race/ethnic origin/sexual orientation/religion with permission)
  • DBS check (not retained after verification)

Why do we have this data?

  • Legal obligation under UK employment law
  • Performance of public task
  • Legitimate interest (e.g., workforce planning reports)
  • Required for CQC compliance

Where do we process your data?
Collected from you or legal representatives, and shared with:

  • HMRC
  • Pension and healthcare schemes
  • External payroll provider
  • CQC
  • Police/law enforcement
  • DBS Service

5. Friends/Relatives

What data do we have?

  • Basic details and contact information

Why do we have this data?

  • Legitimate interest (next of kin, lasting power of attorney, emergency contacts)
  • May process with consent

Where do we process your data?
Collected from you or legal representatives, and shared with:

  • Health and care system
  • Local Authority
  • Police/law enforcement

6. How do we store your personal information?

Stored securely for time periods specified in Records Management Code of Practice.
Disposal methods: shredding, wiping hard drives, archiving on care management software.

Your rights:

  1. Request a copy of your data
  2. Request correction or restriction of processing
  3. Request erasure of unnecessary data
  4. Restrict processing if data is no longer needed
  5. Withdraw consent at any time
  6. Object to processing under legitimate interest/public task

Complaints: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: https://ico.org.uk/global/contact-us/