Skip to content

Privacy Policy

Version 2.0 | 22 April 2021

Added to Website on 5th May 2020

Introduction

Green Light PBS Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, https://switchedoncare.com/ (“Our Site”) and only collect and use your personal data as described in this Privacy Policy.   Any personal data we collect will only be used as permitted by law. Please read this Privacy Policy carefully and ensure that you understand it.

Information About Us

Our Site is owned & operated by Green Light PBS Ltd, a limited company registered in England under company number 09496038

Registered address:

Trading address:

VAT number:

Mor Workspace, Treloggan Lane, Newquay, Cornwall, TR7 2FP

As above

N/A

Data Protection Officer:

Email address:

Telephone number:

Postal address:

Timea Szabo – Moore ClearComm – DPO as a Service

[email protected]  

07931 236 303

Devonshire House, 60 Goswell Road, London, EC1M 7AD

Representative:

Email address:

Telephone number:

Postal address:

Jo Pyrah (Nominated Individual)

[email protected]

01637 416444

Mor Workspace, Treloggan Lane, Newquay, Cornwall, TR7 2FP

1. What Does This Policy Cover?

This Privacy Policy applies only to your use of Our Site. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

2. What Is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

3. What Are My Rights?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:

  • The right to be informed about my collection & use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 10
  • The right to access the personal data we hold about you; Part 9 will tell you how to do this
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold
  • The right to restrict (i.e. prevent) the processing of your personal data
  • The right to object to us using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases
  • Rights relating to automated decision-making and profiling. We do not use your personal data in this way

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 10.

It is important that your personal data is kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed if we have that data.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau (CAB).

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first.

4. What Personal Data Do We Collect and How?

We obtain personal data about you, for example, when:

  • You request a proposal from us in respect of the services we provide
  • Your employer or our client engages us to provide our services and during the provision of those services
  • You contact us by email, telephone, post or social media (for example when you have a query about our services) or from third parties and/or publicly available resources (for example, from your employer or from Companies House)

The information we hold about you may include the following:

  • Your personal details (such as your name and/or address)
  • Financial details such as bank account numbers
  • Details of contact we have had with you in relation to the provision, or the proposed provision, of our services
  • Tax details such as tax codes, unique tax references, national insurance number and salary
  • Details of any services you have received from us
  • Our correspondence and communications with you
  • Information about any complaints and enquires you make to us
  • Information from research, surveys and marketing activities
  • Information we receive from other sources, such as publicly available information, information provided by your employer or our clients

5. How we use personal data we hold about you

  • We may process your personal data for purposes necessary for the performance of our contract with you or your employer or our clients and to comply with our legal obligations
  • We may process your personal data for the purposes necessary for the performance of our contract with our clients. This may include processing your personal data where you are an employee, subcontractor, supplier or customer of our client
  • We may process your personal data for the purposes of our own legitimate interests provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data. This includes processing for marketing, business development, statistical and management purposes
  • We may process your personal data for certain additional purposes with your consent, and in these limited circumstances where your consent is required for the processing of your personal data then you have the right to withdraw your consent to processing for such specific purposes

Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.

a) Situations in which we will use your personal data

We may use your personal data in order to:

  • Carry out obligations arising from any agreements entered between you or your employer or our clients and us which will usually be for the provision of our services
  • Carry out obligations arising from any agreements entered between our clients and us which will usually be for the provision of our services where you may be a subcontractor, supplier or customer of our client
  • Provide you with information related to our services and our events and activities that you request from us or which we feel may interest you, provide you have consented to be contacted for such purpose
  • Seek your thoughts and opinions on the services we provide and
  • Notify you about any changes to our services

b) Change of purpose

Where we need to use your personal data for another reason, other than for the purpose for which we collected it, we will only use your personal data where that reason is compatible with the original purpose.

Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.

6. Do You Share My Personal Data?

a) Why might you share my personal data with third parties?

We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.

b) Which third-party service providers process my personal data?

“Third parties” includes third-party service providers. The following activities are carried out by third-party service providers: IT and cloud services, professional advisory services, administration services and payroll processing services.

All our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.

c) What about other third parties?

We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

7. How Can I Access My Personal Data?

If you want to know what personal data, we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email or postal addresses provided. To make this as easy as possible for you, a Subject Access Request Form is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within one month and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

8. Privacy Overview

Here at Green Light PBS Ltd we are committed to building and keeping the trust and confidence of everyone we have contact with.  We think it’s important that you know that we record your personal data when you do things like visit our website, our Facebook page or use our online services in any way.  We want you to trust us with any information we collect and hold.

This privacy policy explains all you need to know about:

  • What information we collect
  • Why we collect it
  • What we do with it
  • When we may share it with others
  • How you can access and update your information

Green Light PBS Ltd is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

If you are unhappy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).  However, we would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

It is very important that the information we hold about you is accurate and up to date.

9. Sensitive Data

We do not collect any Sensitive Data about you from this website.  Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.  We do not collect any information about criminal convictions and offences.

You are not required to provide any personal information on the public areas of this website; however, you may choose to do so by completing the application forms on various sections of our websites and Facebook pages, including:

  • Our work with us / careers sections / pages
  • Our publications section / pages
  • Our seminars and events section / pages
  • Our other online services; and
  • Our contact us form

We may also obtain personal information from your IP address, operating system and web browser that you use to access our website or Facebook site.  You may also provide us with personal information if you contact us by email, telephone or letter.

We require your explicit consent for processing sensitive data, and we will request your signature for this consent.

10. How we use your personal data  

We will only use your personal data when legally permitted.  The most common uses of your personal data are:

  • Where we need to establish and perform the contract between us, for example if you apply to work for us
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation

Generally, we do not rely on consent as a lawful basis for processing your personal data, other than in relation to sending marketing communications to you via email or text message.

You have the right to withdraw your consent to receiving marketing information from us at any time by emailing us at: [email protected]

11. Purposes for processing your personal data  

Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data.  We have also explained what our legitimate interests are where relevant.

We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data.

Please email us at [email protected] if you need details about the specific lawful basis we are relying on to process your personal data where more than one ground has been set out in the table below:

Purpose / Activity Type of Data Lawful Basis for Processing
To register you as a new customer
  • Identity
  • Contact
Performance of a contract
To manage our relationship with you which will include:

Notifying you about changes to our terms or Privacy Policy

Asking you to leave a review or take a survey

  • Identity
  • Contact
  • Financial
  • Marketing and communications
Performance of a contract with you

Necessary to comply with a legal obligation

Necessary for our legitimate interests to keep our records updated and to study how customers use our services

To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • Identity
  • Contact
  • Technical
Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud, and in the context of a business reorganisation or group restructuring exercise

Necessary to comply with a legal obligation

To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising
  • Identity
  • Contact
  • Profile
  • Usage
  • Marketing and Communications
  • Technical
Necessary for our legitimate interests to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy
To use data analytics to improve our website, services, marketing, customer relationships and experiences
  • Technical
  • Usage
Necessary for our legitimate interests to define types of customers for our services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy
To make suggestions and recommendations to you about goods or services that may be of interest to you
  • Identity
  • Contact
  • Technical
  • Usage
  • Profile
Necessary for our legitimate interests to develop our services and grow our business

12. Marketing communications

You will receive marketing communications from us if you have:

a. Requested information from us or purchased goods or services from us; or

b. If you provided us with your details and ticked the box at the point of entry of your details for us to send you marketing communications; and

c. In each case, you have not opted out of receiving that marketing

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

You can ask us or third parties to stop sending you marketing messages at any time by emailing us at [email protected] at any time

Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product / service purchase, service experience or other transactions.

13. Disclosures of your personal data  

We may have to share your personal data with the parties set out below for the purposes set out in the table in paragraph 2 above:

  • Service providers who provide IT and system administration services
  • Professional advisers including lawyers, bankers, auditors, HR professionals and insurers who provide consultancy, banking, legal, insurance and accounting services
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
  • CQC, Safeguarding authorities and other Health and Social Care regulators
  • Third parties to whom we sell, transfer, or merge parts of our business or our assets

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law.  We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

We share your personal data within our group of companies which involves transferring your data outside the European Economic Area (EEA).

Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.

Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
  • Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US

If none of the above safeguards is available, we may request your explicit consent to the specific transfer.  You will have the right to withdraw this consent at any time.

Please email us at [email protected] if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

14. How Do I Contact You?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

Email address: [email protected]

Postal Address: FAO Data Protection Officer

Green Light PBS Ltd. Mor Workspace, Treloggan Lane, Newquay, Cornwall, TR7 2FD

Telephone number: 01637 416444

15. Changes to this Privacy Policy

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up to date.

16. Regulatory Bodies & Memberships

We are regulated by the Care Quality Commission (CQC)

Cornwall Council commission services and conduct periodical Quality Assurance Visits