Privacy Policy

Privacy Policy

Medicare People (“we”, “us”, “our”) operates as both a medical staffing agency and an in‑home care provider. 

We are committed to protecting your personal information and ensuring your data is handled safely, securely, and in line with the UK GDPR and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services, register with us, or visit our website.

1. Who We Are

Medicare People supplies clinical staff to health and social care providers and delivers in‑home care services directly to individuals. We act as the Data Controller for all personal information we collect.
Email: info@medicarepeople.co.uk
Address: 86-90 Paul Street, London EC2A 4NE

2. Information We Collect

We collect different types of information depending on whether you are a client, care recipient, family member, job applicant, worker, or website visitor.

Candidates & clinical staff: name, contact details, right‑to‑work documents, DBS checks, references, training evidence, qualifications, vaccination status, work history, bank details, shift records, performance feedback.
In‑home care clients & families: personal details, contact information, care assessments, health information, risk assessments, medication information, GP details, next‑of‑kin information, care records, visit logs, communication history.

Staffing clients: service contacts, booking details, invoices, communication logs, service requirements.
Website users: IP address, browser type, cookie information, form submissions.

3. How We Use Your Information

We use personal information to:

  • Provide medical staffing agency services
  • Deliver safe, regulated in‑home care
  • Complete compliance and safeguarding checks
  • Assess suitability for employment or care roles
  • Manage bookings, care visits, rotas, and shifts
  • Maintain accurate care and clinical documentation
  • Record visit logs and care activity for regulatory purposes
  • Process payroll and invoicing
  • Communicate service updates, opportunities, and enquiries
  • Comply with legal, regulatory, and safeguarding obligations

We do not sell or trade personal data.

4. Legal Basis for Processing

We process data under the following lawful bases:

  • Contract: providing care services or staffing
  • Legal obligations: safeguarding, right‑to‑work, payroll, care regulation
  • Legitimate interests: service delivery, business operations
  • Consent: marketing communications or optional information
  • Vital interests: protecting someone in a health or safety emergency

You may withdraw consent at any time.

5. Sharing Your Data

We may share information with:

  • Health and social care providers
  • Families or authorised representatives (for care services)
  • Background‑check and training organisations
  • Payroll and pension partners
  • Technology providers, including our system Sync
  • Local authorities or safeguarding teams
  • Regulators such as the CQC, NMC, or DBS
  • Law enforcement when legally required

We only share what is necessary and always securely.

6. Data Security

We protect your data through secure encrypted systems, controlled access, and ongoing security monitoring. Our internal platform, Sync, tracks compliance, care documentation, and expiry dates in real time to maintain accuracy and safety.

7. Data Retention

We retain data only for the required period:

  • Care records: minimum 8 years (CQC requirement)
  • Candidate worker records: 6 years after last activity
  • Client business records: 6 years
  • Payroll/financial information: 6 years
  • Website analytics: up to 26 months

Data may be deleted earlier where legally appropriate.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Request correction
  • Request deletion (where legally allowed)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent
  • Complain to the ICO (www.ico.org.uk)

9. Health & Care Data

When delivering in‑home care, we may process sensitive health data. We only do this where necessary to deliver safe care, meet regulatory requirements, protect vital interests, or fulfil legal obligations.

10. International Transfers

If data is transferred outside the UK, we use approved safeguards such as Standard Contractual Clauses or adequacy decisions.

11. Cookies

Our website uses cookies for analytics, performance, and functionality. You can manage or disable cookies through your browser.

12. Updates to This Policy

We may update this Privacy Policy when legal or operational changes occur. A revised “Last updated” date will appear at the top.