Privacy Policy

Last Updated: 15th January 2026

At Rainbow Homecare Limited, we are committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about people who visit our website and use our services, how we use it, the conditions under which we may disclose it to others, and how we keep it secure.

1. Who are we?

Rainbow Homecare Limited is a registered domiciliary care provider (CQC Provider ID: 1-235067202) providing personal care, night care, domestic care, and palliative care services. We are the "data controller" for the personal information we process about you.

Address: 3-9 Balaam Street, London, E13 8EB

Telephone: (020) 7041 6464

Email: info@rainbowhomecare.co.uk

2. What information do we collect?

The personal information we collect, store, and use may include:

For Service Users (Clients) and their Families:

Identity Data: Name, date of birth, gender, and NHS number.

Contact Data: Address, email address, and telephone numbers.

Health & Care Data (Special Category): Medical history, care needs, medication records, mental health status, and details of your GP or other healthcare professionals.

Financial Data: Details required for billing and payment (if paying privately).

Next of Kin Data: Contact details for your family or emergency contacts.

For Job Applicants and Staff:

Recruitment Data: CVs, references, right-to-work documents, and Disclosure and Barring Service (DBS) check results.

Employment Records: Payroll details, training records, and performance appraisals.

For Website Visitors:

Technical Data: Your IP address, browser type, and information about your visit (via cookies) to help us improve our website experience.

3. How do we collect your data?

We collect data through:

Direct Interaction: When you fill in forms on our website, call us, or email us.

Assessments: During initial risk assessments and care plan development at your home.

Third Parties: We may receive information from the NHS, Local Authorities, or social services if they are involved in your care.

4. How we use your information

We use your information to:

Provide high-quality, person-centred care services.

Develop and review your personalised care plan.

Communicate with you and your emergency contacts.

Comply with legal and regulatory requirements (e.g., CQC inspections).

Process job applications and manage our workforce.

Improve our website and services.

5. Legal Basis for Processing

Under UK GDPR, we rely on the following legal bases:

Contract: To provide the care services you have requested.

Legal Obligation: To meet our health and social care regulatory requirements.

Vital Interests: To protect your life in an emergency.

Legitimate Interests: For the efficient management of our business.

Special Category Data (Health): We process health data under Article 9(2)(h) for the provision of health or social care treatment.

6. Sharing your information

We do not sell or rent your information to third parties. We only share information when necessary with:

Healthcare Professionals: Doctors, nurses, or pharmacists involved in your care.

Local Authorities/NHS: Where care is funded or commissioned by them.

Regulators: The Care Quality Commission (CQC) during inspections.

Emergency Services: If there is an immediate risk to your health.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. Access to your personal data is limited to those employees and third parties who have a business "need to know."

8. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Care records are typically kept for a minimum of 3 to 8 years depending on the type of record and regulatory guidance.

9. Your Rights

Under the UK GDPR, you have the following rights:

Access: The right to request a copy of the personal information we hold about you.

Correction: The right to ask us to correct inaccurate information.

Erasure: The right to ask us to delete your data (subject to certain legal exceptions).

Restriction: The right to ask us to restrict the processing of your data.

Object: The right to object to our processing of your data.

To exercise any of these rights, please contact us at info@rainbowhomecare.co.uk.

10. Cookies

Our website uses cookies to distinguish you from other users. You can set your browser to refuse all or some browser cookies, but this may affect how the website functions.

11. Complaints

If you have a concern about how we handle your data, please contact us first. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Website: https://ico.org.uk/

Helpline: 0303 123 1113

Note to owner: You should ensure this policy is easily accessible via a "Privacy Policy" link in the footer of your website. If you use specific third-party tools (like Google Analytics or online booking forms), you may need t