Treatment/Referrals: +44 (0) 1473 740 872  |  referral@bramacare.co.uk
Call Us

Privacy Notice

Privacy Notice for Bramacare

Effective Date: 01/02/2025

This Privacy Notice explains how Bramacare (“we”, “us”, “our”) collects, uses, stores, and protects your personal information. We take data protection and confidentiality very seriously and are committed to complying with UK data protection legislation, including the UK General Data Protection Regulation (UK GDPR).
We may update this notice from time to time. If significant changes are made, we will publish the updated version on our website.

Contacting Us

If you have questions about this Privacy Notice, concerns about how we process your personal data, or wish to make a complaint, please contact:

Email: twh@bramacare.co.uk

Postal Address:
Data Protection Officer
Bramacare
The White House
Limerick Close
Ipswich
IP1 5LR

We take data security extremely seriously and review all communications promptly. If you are unsatisfied with our response, you may raise your concern with the UK Information Commissioner’s Office (ICO) via www.ico.org.uk .

What is a Privacy Notice?

Bramacare is a data controller, which means we are responsible for deciding how your personal data is collected, used, and stored. This Privacy Notice explains how and why we process your information, and sets out your legal rights under UK GDPR.

Who This Privacy Notice Applies To

This notice applies to:

  • All patients and residents receiving care or treatment from Bramacare.
  • Individuals contacting us for information or services.
  • Staff and job applicants (where relevant).

Personal Information We Collect

We may collect, store, and use the following types of personal data:

General personal information:

  • Name, title, address, phone number, email address, and communication preferences.
  • Date of birth.
  • Marital status and dependents.
  • Next of kin and emergency contacts.
  • National Insurance number and NHS number.
  • Bank or payment details.
  • Identification documents (passport, driving licence, proof of address).
  • Nationality, residency, and immigration status.
  • Online identifiers such as IP address or social media handles.

Special categories of sensitive personal data (processed only where necessary):

  • Race or ethnicity, religious or philosophical beliefs, or political opinions.
  • Sexual orientation.
  • Trade union membership.
  • Physical and mental health information, including medical history and treatment plans.
  • Biometric data (if applicable, e.g. security identification).

We may also collect aggregated or anonymised data for audit, research, or service improvement purposes.

How We Collect Your Personal Information

We collect personal data in the following ways:

  • Directly from you, your family, or your legal representative.
  • From third parties such as the NHS, GPs, local authorities, private insurers, or other healthcare professionals.

Why We Use Your Personal Information

We use your personal information to:

  • Provide safe and effective health, social care, and treatment tailored to your needs.
  • Protect your vital interests in safeguarding or urgent care situations.
  • Communicate with healthcare professionals, regulators, and family (where appropriate).
  • Manage billing, payments, and contracts.
  • Ensure compliance with Care Quality Commission (CQC) and other regulatory obligations.
  • Maintain secure premises, including the use of CCTV (where applicable).
  • Conduct audits, quality reviews, and research (using anonymised data).

We only process personal data where there is a lawful basis, including:

  • With your consent.
  • To comply with legal obligations.
  • For our legitimate interests (where your rights are not overridden).
  • For reasons of substantial public interest in the provision of health and social care.

Bramacare does not sell or share your personal information for marketing purposes.

Failure to Provide Personal Information

If you do not provide personal details when requested, we may not be able to:

  • Deliver appropriate care and treatment.
  • Process payments for services.
  • Fulfil legal or regulatory obligations.

Sharing Your Personal Information

We may share your information with:

  • NHS services, GPs, local authorities, and private insurers.
  • Third-party providers who deliver IT, billing, or security support.
  • Regulators, safeguarding bodies, or law enforcement, where legally required.

Where possible, we anonymise data before sharing. If personal data is transferred outside the UK (e.g. by cloud service providers), we ensure appropriate safeguards are in place in line with UK GDPR.

How Long We Retain Your Information

We keep personal data only as long as necessary to fulfil its purpose and meet legal requirements. Retention periods follow the NHS Records Management Code of Practice (2021):

  • Adult health and care records: 8 years after conclusion of care.
  • Mental health records: 20 years after last contact, or 8 years after death (whichever is sooner).
  • Financial and payment records: 6 years (HMRC requirement).
  • Staff employment records: duration of employment plus 6 years after leaving.
  • Anonymised data: may be kept indefinitely for research, audit, or service improvement.

After these periods, data will be securely destroyed.

Protecting Your Personal Data

We use robust technical and organisational security measures to prevent loss, misuse, or unauthorised access to your data. Access is restricted to authorised staff and third parties involved in your care, all of whom are subject to confidentiality obligations.

Your Data Rights

Under UK GDPR, you have the right to:

  • Access your personal data (receive a copy).
  • Correct inaccurate or incomplete data.
  • Request deletion of your data (in certain circumstances).
  • Restrict processing of your data.
  • Request data portability (transfer of your data to another provider).
  • Object to processing based on legitimate interests.

To exercise these rights, contact: twh@bramacare.co.uk .
We do not carry out automated decision-making or profiling that has a legal or significant impact on individuals.

Cookies and Website Tracking

We use cookies on our website to:

  • Enable essential site functionality.
  • Improve website performance and security.
  • Analyse usage patterns to enhance our services.

Non-essential cookies (such as analytics) are only used with your consent. You can manage cookie preferences via your browser settings. For more details, see our Cookie Policy.

Commitment to Privacy

Bramacare is committed to protecting your privacy and ensuring that your personal data is handled with transparency, respect, and security at all times.