Privacy Policy

Morning Stars Care Ltd collects and processes only the essential personal data required to deliver safe and effective care services and manage its workforce responsibly.

For Individuals Receiving Care:

Data such as name, address, medical history, care needs, GP details, and cultural preferences are collected to provide tailored, person-centred care. Information related to consent, safeguarding, and mental capacity is also recorded to ensure safety and compliance.

For Staff Members:

The company collects contact details, identification documents, DBS checks, training records, and employment history for recruitment, payroll, and regulatory compliance. Attendance, sickness, and payroll data are also maintained for workforce management and legal obligations.

Morning Stars Care Ltd collects and uses personal data to ensure the safe, effective, and personalised delivery of care, while also fulfilling its responsibilities as a regulated care provider. Personal information is essential for delivering high-quality, person-centred services that reflect each individual's needs, preferences, and health conditions. The organisation also processes data to comply with legal and regulatory obligations, including inspections by the Care Quality Commission (CQC), safeguarding duties, and requirements set by local authorities and the NHS.

Personal and clinical data is used to support care planning, risk assessments, medication management, and adaptations for individuals with specific needs. In situations involving safeguarding or emergencies, relevant information may be shared with authorised bodies such as safeguarding boards or emergency services to ensure the protection and wellbeing of individuals.

For employees, Morning Stars Care Ltd collects data to manage contracts, payroll, training, absences, and performance in line with employment law and care standards. This ensures that staff are safe, qualified, and continuously developing in their roles. Additionally, personal data may be used when addressing complaints, incidents, or feedback, helping the organisation maintain transparency, accountability, and continuous improvement.

All data handling is carried out lawfully, proportionately, and with respect for individuals’ privacy rights under data protection laws.

Morning Stars Care Ltd processes personal data only when there is a lawful basis under the UK GDPR, such as fulfilling contracts, complying with legal obligations, protecting vital interests, obtaining consent, supporting public interest in care, or meeting legitimate business needs. Personal data is shared strictly on a need-to-know basis with relevant professionals, regulatory bodies, and emergency services, never for marketing purposes.

Data is securely stored using password-protected systems and locked filing, accessible only to authorised personnel. Staff receive training in data protection, and information is retained only as long as necessary, after which it is securely destroyed or anonymised.

Individuals have full data rights under UK GDPR, including access, correction, erasure, and objection to certain uses. All requests must be made in writing, and responses will be given within 30 days. Data breaches are handled according to strict procedures and reported to the ICO when required. Concerns can be addressed directly to the Registered Manager.