Skip to content
'the life you choose...'

GDPR Compliance Statement

We use personal data (information that relates to and identifies living people) and other information to help us to carry out our role as a provider of health and adult social care services in England.

About our purpose and role

We will always make sure that your information is protected and treated securely. Any information about you that we hold, or details you give us, will be held in accordance with:

  • The General Data Protection Regulation (GDPR)
  • Independence Matters Information Management Policy
  • Independence Matters Policy on Confidential Personal Information.

Information about people who use services & members of the public

Information held within our services

Registered providers and Managers of care services must record and pass on certain events and incidents, including where they have received allegations of abuse, or where someone using the service is seriously injured. Care services also record statistics including the number of compliments and complaints they have received.

Contact details of people who use services will be held to ensure we provide the service required.

Personal data that we receive from other sources

We receive information from people who use the services we provide, their families, friends and carers. These often contain personal data.

We also receive information that sometimes contains personal data from other sources, such as NHS, NCC and the police.

We use this information to directly support all our customers and staff.

Data and statistics

The data we hold will include the following:

  • date of birth
  • address and postcodes
  • NHS number

Some of this information is unique to a person (NHS Number,), and others cannot uniquely identify a person (e.g. a postcode), but all data is stored and processed with the same robust security applied to identifiable data.

We need this information to help meet our purpose of ensuring safe, effective and compassionate, high-quality care.

Information about our own staff and people applying to work for or with us

We need to process personal data about our own staff (and people applying to work for us) so that we can carry out our role (for example, by ensuring that we have the right staff to perform our role) and so we can meet our legal and contractual responsibilities as an employer.

The personal data that we process includes information about racial or ethnic origin, religion, disability, gender and sexuality. We use this information to check we are promoting and ensuring diversity in our workforce and to make sure we are complying with equalities legislation.

Our employees decide whether or not to share this monitoring data with us, and can choose to withdraw their consent for this at any time. Employees who wish to withdraw their consent for us to process this data can contact the HR team.

Other personal data that we are required to process includes information on qualifications and experience, pay and performance, contact details, bank details, and service records (including records of continuous service and pension contributions/entitlements).

We check that people who work for us are fit and suitable for their roles. This may include asking people to undertake Disclosure and Barring Service (DBS) checks. We share information about our employees as required to meet our contractual obligations to them – for example, by sharing relevant information with pension service administrators.

We have a legal obligation to comply with the Freedom of Information Act 2000 and this may include the requirement to disclose some information about our employees – especially those in senior or public facing roles.

Information about people who use our website

We will only collect personal information volunteered by you via our website, such as:

  • Feedback from surveys and online forms
  • Email addresses
  • Preferred means of communication.

This personal information about you will be used to exercise our functions. This privacy statement covers the Independence Matters site. This does not cover external links.

Signing up to our e-newsletter

If you subscribe to this service, your name and email address will be held by us. You can unsubscribe at any point by emailing with your request. 

How we share information with other organisations

We only share personal data with other organisations where it is lawful to do so and in accordance with our Code of Practice on Confidential Personal Information. We do not use personal data for direct marketing (promoting or selling goods, services etc.) or share information with anyone else who will use it for direct marketing.

We sometimes use other organisations to process personal data on our behalf. Where we do this, those companies are required to follow the same rules and information security requirements as us and are not permitted to reuse the data for other purposes.

Retention and disposal of personal data

We publish a retention and disposal schedule which explains how long we keep different types of records and documents for, including records and documents containing personal data. Personal data is deleted or securely destroyed at the end of its retention period.

Changes to the law – the General Data Protection Regulation (GDPR)

The GDPR came into force in May 2018 and has replaced the Data Protection Act 1998. We will ensure that we will process personal data in accordance with the requirements of the GDPR and Data Protection Act 2018.

Your rights

Your right to access information about you

If you think we may hold your personal data and you want to see it, you need to make a subject access request. We will ask you for proof of identity before responding to your request.

Correcting or deleting your personal data

If you think that we may already hold your personal data, and you want us to correct information that you believe is wrong, or if you want us to delete your personal data or to stop processing it, then you have the right to object to the data being used or to ask for it to be corrected.

Please make your objection in writing by sending an email to: or send it by post to:

Data Protection Officer (DPO)
Independence Matters CIC Head Office
Dereham Community Hub
Rashes Green
NR19 1JG 

Sometimes we may need to refuse a request to delete, correct or stop processing personal data. For example, this may be when we need to protect a vulnerable person from harm, or as a result of our legal obligations, or to help us carry out our functions.

Complaints about how we process personal data

If you feel that we have not met our responsibilities under the Data Protection Act 2018 and GDPR, you have a right to request an independent assessment from the Information Commissioner’s Office (ICO). You can find more details on their website

Independence Matters Data Protection Officer (DPO) under Article 37 of the GDPR is Rachel Miller. The DPO’s role is to monitor and advise Independence Matters on meeting its data protection responsibilities. The DPO can be contacted using the details above.

We may update this notice from time to time and will publish an up to date copy on our website and ensure you have the most up to date information.

Last updated: 23/01/2020

“I like seeing my friends and the staff. Coming to the Hub makes me feel happy.”
“We have been learning lots about horticulture and wildlife and have even made our own wildlife habitat.”
The Hub Studio Gang
“I hate being at home every day, I wish I could come more as I get lonely.”
Dementia Care Hub customer
“Good company, good food and fun times!”
Dementia Care Hub customer
“I like the Hub it gives me different opportunities and choices.”
“Thank you for taking such good care of my father this year, particularly in such difficult and extraordinary circumstances.
Family carer
“Whenever I speak to anybody who is looking for day care, I always recommend Harford Hill and will continue to do so. Thank you, thank you, so much for everything.”
Family carer
“I am really enjoying doing the workbooks.”
“My husband enjoys Harford Hill so much he has requested to come an additional day. He gets a bit bored at home. I enjoy having a bit of freedom from constantly caring for him.”
Harford Hill customer carer
“Pine Lodge have a great team. Emma our daughter loves to go as she has a great time and feels very comfortable and content within her surroundings and with staff.”
Family carer
“The best thing that has happened to me in my life, you support me in my own home to be independent and assist me with everyday tasks. ”
“I like staying at Pine Lodge because I can choose delicious dinners to eat.”
“I have had more joy and understanding from the staff at Harford Hill than in all the while I've been dealing with my husband's dementia. ”
Family carer
“This place is very helpful, I found it fun, doing a variety of jobs, got on well with the friendly staff. ”
Kevin, Norfolk Industries work placement candidate

Make an enquiry

Please complete our enquiry form below, alternatively email or call 0300 790 0508

Your details
What support are you interested in?

Please tick relevant support

Stay in touch

Additional information about you

I am:
My area of interest is:

Please note, by submitting your details you are agreeing for Independence Matters to store your data in order to process your enquiry. Please read our privacy policy.