Tel: 01782 777 511

Privacy Policy – Crystal Care Solutions


Version Number

Valid From


Approved By


Prepared By

Luke Peach


Version History


Version Number



Luke Peach

Privacy Notice Draft





1. Introduction:

We, Crystal Care Solutions take the protection of your personal data very seriously and strictly adhere to the rules laid out by data protection laws and the General Data Protection Regulation (GDPR).

This privacy notice aims to give you information on how Crystal Care Solutions collects and processes your personal data through your use of this site and to our business in general, including any data you may provide if you contact us for job opportunities or enquiries.

We have appointed a data protection officer (DPO) who is responsible for monitoring and providing guidance with our GDPR status. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the contact information laid out in section 10 of this privacy notice.

2. lawful Basis of Processing Personal Information

We only collect and use personal information about you when the law allows us to. Most commonly, we use it where:

  • The data subject (you) have given consent to the processing
  • Processing is necessary for the performance of a contract
  • Processing is necessary for compliance with a legal obligation to which the controller is subject
  • Processing is necessary in order to protect the vital interests of the data subject
  • Processing in necessary for the purpose of the legitimate interest pursed by the controller or third party

3. What Information we collect

We collect personal information from you, for example, if you send us your CV, make a general enquiry, or use any of our Services. The categories of personal information that we may collect, store and use about you include:

  • Name, telephone number, email;
  • Your country of birth, nationality;
  • Date of birth and gender;
  • Passport details, national insurance number;
  • Job title
  • demographic information such as postcode, preferences and interests
  • other information relevant to referrals such as young person or individual information

3.1 Use of ‘Cookies’

Cookies are Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a device or browser.

For me details on how and what cookie we use, please click here.

4. How long do we keep information for

We pride ourselves on ensuring that your personal data is retained for the period that Crystal Care Solutions needs it for. All personal information collect has a defined retention period, which is in-line with our retention policy. If you would like to find out how long your information is being retained, please see “additional information”, section 10 of this policy. When no longer required, data is destroyed securely and without undue delay.

5. Security of personal information

Crystal Care Solutions is committed to handling your personal information with high standards of information security. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

At Crystal Care Solutions we have ensured that all employees have enough information security training and have a Media Handling policy which helps maintain, enforce and communicate best practices surrounding media handling throughout the business.

6. Children’s information

We understand that child data is classed as highly sensitive and high-risk information and as a result we have ensured that extra security measures are in place to protect this type of data when Crystal Care Processes it. We have achieved this through stringent risk and Data Protection Impact assessment analysis. This also involves reviewing these periodically to ensure the security is constantly evolving to keep up with the latest threats and security innovations. 

We also ensure we have explicit consent from parents or guardians before the processing of child data commences.

7. Your individual rights

In this Section, we have summarised the rights that you have under General Data Protection Regulation. Some of the rights are complex, and not all the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights. Please note, not all these rights are absolute, and we can refuse to comply with rights in certain scenarios. If this is ever the case, you will be notified with all the relevant information.

Your principal rights under General Data Protection Regulation are:

  • Right to Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restrict Processing
  • Right to Object
  • Right to Data Portability

You have the right to confirmation as to whether we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but duplicate copies or requests deemed excessive may be subject to a reasonable fee (£10).

You as a data subject have the right to rectification, which will allow you as the data subject to modify/change any personal information to the purpose of ensuring that the information we process is update to date.

The right to erasure or right to be forgotten will allow you as the data subject to inform us that you no longer want Crystal Care Solutions to continually to store or process your personal information. Please be aware that we may decline your right for several reasons, which are not limited to, having a lawful basis to process your information or us needing your information for the performance of a contractual obligation.

As a data subject, you have the right to stop any processing of your personal information. Please be aware that you must provide us with a legitimate reason for us to stop processing. Any request made that doesn’t conform to the GDPR will be rejected.

On occurrence Crystal Care Solutions may send you marketing emails or newsletters that we believe can benefit you. As you have the right to object, you can click the unsubscribe link on all our emails to inform us that you no longer want to receive them.

The right to data portability will allow you as the data subject to have your personal information securely transferred to another organisation for processing. At Crystal Care Solutions we place this reasonability on you that data subject. When you make this request, we will export all information about you and securely transfer it to yourself. You, the data subject will be able to give this information to your chosen organisation.

If you have any question about these rights, please see “additional information”, section 10 of this policy.

8. Data transfers/Third parties

8.1 Providing your information to others

Crystal Care Solutions may disclose your personal data, listed in section 3 to some third parties insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy. Third parties that we use are listed below.


Lawful Basis

Privacy Notice

Ellis Whittam


Office 365


IONOS by 1and1


Knowhow Cloud



The above table represents the Third Parties most commonly used by Crystal Care Solutions for the processing of personal data. For further details on all Third Parties used by Crystal Care, please contact our Data Protection Officer.

9. Right to complaint

We take any complaints about our collection and use of personal information very seriously.

If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.

To make a complaint, please contact our Data Protection Officer.

Alternatively, you can make a complaint to the Information Commissioner’s Office:

By Post:

Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

By Website: Click Here

By Email: Click Here

By Phone: 0303 123 1113 (Local rate) or 01625 545 745 (National rate)

Crystal Care Solutions are fully registered with the Supervisory Authority under reference number Z7067342. Full details can be found here

10. Additional information

Your trust is important to us. That is why we are always available to talk with you at any time and answer any questions concerning how your data is processed. If you have any questions that could not be answered by this privacy policy or if you wish to receive more in depth information about any topic within it, please contact our Data Protection Officer via email dpo@crystalcaresolutions

11. Review of this Policy

We keep this Policy under regular review. This Policy was last updated on 12/11/2019.

11.1 Amendments

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

Quotes from Inspection Reports

‘The views, wishes and feelings of young people are central to the day-to-day running of the home. Key-work sessions and young people’s meetings take place regularly and allow young people to discuss all aspects of the home, their care, and individual issues relating to them.‘



Encourage Independence & Confidence


Steering Good Decisions Making

Practical Activities

Develop & Explore New Interests

Outdoor Activities

Encourage Team Building and Fun