top of page

Privacy Notice​

 

1. Data Controller The Data Controller responsible for the processing of your personal data is:Email: bst@srscare.uk

 

2. Purpose of Data Processing SRS Care processes personal data for the following purposes: - User registration, authentication, and account management - Delivery and coordination of health and care services - Communication between users and care providers - Monitoring system performance and ensuring service quality​

 

3. Categories of Personal Data Collected SRS Care may collect and store: - Personal identifiers (e.g., full name, email address, contact information) - Demographic data (e.g., date of birth, gender) - Health and care data (e.g., treatment records, care plans, assessment notes) - Technical data (e.g., device type, IP address, login history, usage logs)​

 

4. Legal Basis for Processing Personal data is processed under the GDPR on the following legal bases: - Consent (Article 6.1(a)) – for optional services such as health reminders - Contractual necessity (Article 6.1(b)) – to provide core care services - Legal obligation (Article 6.1(c)) – to comply with healthcare regulations - Vital interests (Article 6.1(d)) – in emergencies or safeguarding scenarios - Provision of health or social care (Article 9.2(h)) – for processing special category (sensitive) data

 

​5. Data Sharing and Transfers Personal data may be shared with: - Registered healthcare professionals and authorised personnel - Government regulators or authorities where legally required - Trusted third-party processors under data processing agreements SRS Care does not transfer personal data outside the EEA unless appropriate safeguards (e.g., Standard Contractual Clauses) are in place.

 

6. Data Retention SRS Care retains personal data only as long as necessary for the purposes described. Unless otherwise required by law, health and care records are retained for 7 years after inactivity, after which data is securely deleted or anonymized.​

 

7. Data Subject Rights Under GDPR, you have the right to: - Access your data - Rectify inaccurate or incomplete data - Request erasure ("right to be forgotten") - Restrict or object to processing - Data portability (receive your data in a structured format) - Withdraw consent at any time (where processing is based on consent) To exercise these rights, please contact: bst@srscare.uk

 

8. Security Measures SRS Care uses robust data protection measures including: - Encryption of all sensitive data at rest and in transit - Role-based access controls and secure authentication - Routine audits, monitoring, and vulnerability testing - Privacy-by-design principles embedded in system architecture​

 

9. Complaints If you believe your data protection rights have been violated, you may file a complaint with the supervisory authority: Information Commissioner’s Office (ICO) https://ico.org.uk

bottom of page