Garden House is a residential care home for elderly people. Our principal business activities are delivered in person and enquiries made through our website and by email and the provision of ad hoc marketing services to our customers.
Garden House registered address: The Old Emporium, Bow Street, Langport, Somerset, TA10 9PQ
Garden House respects the privacy of every person for whom we have personal data. We comply with data protection legislation such as the Data Protection Act 1998 and the General Data Protection Regulation which regulates the processing of data and ensures that your data is processed fairly and lawfully, is kept secure and only that data necessary for any processing is kept.
This policy summarises the information we may collect about you and how we may use that data. We primarily collect data to enable us to provide you with services you have requested, to provide services likely to meet your needs, to improve services provided to you and to sell advertising space to help us provide many services free of charge. The policy tells you how we ensure the information we have is kept accurate and how you can request access, deletion, rectification, restriction, transfer and withdraw consent (where applicable) and make a complaint.
Garden House only collect personal information if we have your permission, or we have reasonable commercial reasons for doing this, such as collecting information to process event registrations or to supply you with services. We will only collect the minimum amount of information we need to do these things.
Garden House may collect some of the following data such as name, job title, company that employs you, email address, telephone number, gender, purchasing preferences and history, content you post on our websites, and content you read on our websites plus various other data. This data may be collected when you order a service or product, use our websites, post content to our websites, sign up for a newsletter or subscription, on completion of a survey, questionnaire or entry to a competition, or by communication to us by email, phone and by other means.
When you pay Garden House, we will record details of the financial transaction but do not directly store your debit or credit card information.
For employees we keep personal data needed to recruit you, pay you, provide company benefits and to fulfil our legal obligations.
We do not share personal data with 3rd parties for marketing purposes, other than with the direct consent of the individual(s) which may be withdrawn at any time.
Different legal bases are used which depend upon the purpose for processing your data.
• When data is provided when purchasing a product or service under a contract with you we process your data under contract necessity with the data being needed to fulfil the contract.
• When you sign up for a newsletter, an event or magazine subscription we process your data under consent
• Any additional processing i.e. sharing data with third parties, marketing to you on behalf of third parties is done through either consent or legitimate interest (you are provided with useful information by us in exchange for supplying your information (including personal data) and the relationship between us is balanced in your favour. You have the choice to opt out of processing under this basis).
• When you pay us, or we pay you, we only keep data as long as it is necessary to comply with the law.
We will only use personal information for the purpose it was collected. Should we ever wish to use it for another purpose we will contact you first asking you for your consent. We primarily use data to communicate with you, deliver the service you have requested, or services that might interest you (subject to your right to opt out with the details on how to do this found on each business website), to renew a subscription, improve our service, to verify your identity when taking payment or to meet legal, regulatory and compliance requirements.
Profiling – from time to time we may use some elements of the data you supply to target the messages we send you. For example, we may use your location to send you information about an event which is happening in the same country, or we may use your company type or job title to send you a relevant news story. We do not use this information to make automated decisions.
Data is not kept any longer than is required for the purposes of the processing or to comply with the law. As we collect data for many different purposes there is not a single retention period for all data. We instead carefully assess the length of time to retain data according to the processing purpose and to comply with our legal obligations. When data is no longer required for the purposes of the processing it is securely removed from our systems.
We take commercially reasonable physical, technical and administrative measures to protect personal information from theft, misuse or accidental destruction and to keep it confidential. We aim to protect personal information but cannot provide a 100% guarantee of security. All employees and data processors (third parties who process data on our behalf) who access your data are obliged to keep the information confidential and secure and not to use it for any other purpose other than that they are contracted to carry out for us.
We may use third party providers e.g. for web site hosting, web maintenance, email alerting, subscription fulfilment and taking payment. We share information with these third party to provide these services. We collect broad statistical anonymised information on an aggregate basis, which doesn’t identify you personally. We will also share data with public or regulatory authorities where required by law or to enforce our terms of service. We take reasonable commercial steps to ensure that your data is kept secure and confidential by any third party, is deleted when not needed for the purpose it was given, that their data privacy policies protect your data and that they only process your data on our instruction. We do not sell or rent your personal data, although we may transfer, sell or assign your data outside of our group to a third party if we merged, sold or reorganised all, of part, of the group. Your data will be processed fairly, lawfully and securely in the UK and will only be transferred outside of the European Union when there is protection in place for your rights and when the data will be kept secure.
When you have provided consent, if you should wish to withdraw that consent, you can let us know by sending an email (details provided on the business website) or by emailing firstname.lastname@example.org and we will remove your data from our systems.
Our websites may link to other websites. Garden House is not responsible for the privacy policies of those websites nor does it have or accept any liability for their content.
You have the right to see, erase and correct data we hold, the right to restrict the processing we do, and the right to object to it and to have your data transferred to a third party. If you wish to do any of these things or have any questions about how we use your data, or wish to make a complaint about any privacy issues, please contact Jo Newton at email@example.com or write to her at :
Garden House, The Old Emporium, Bow Street, Langport, Somerset, TA10 9PQ
Requests will be dealt with and responded to within a reasonable period, and no longer than 30 days. If you are not satisfied with the way your request was handled you have the right to lodge a complaint with the supervisory authority – details of which are given below:
Information Commissioner’s Office