Beehive Care & Training Group

Call Us - 01404 643883  Email Us - info@bct-group.co.uk

We ask that you read this privacy promise carefully as it contains important information on who we are and how we collect, use, store and share personal information. It outlines your rights and how to contact us and other relevant organisations in the event you have a complaint. 

Who we are 

We are:

  • Beehive Care & Training Group Ltd 
  • Company House no. 15534139
  • Address: Unit 19L Flightway Business Park, Dunkeswell, Nr Honiton, Devon EX14 4PB 

As a ‘data controller’, we are responsible for how we process your information in the UK. The UK General Data Protection Regulation (UK GDPR) sits alongside an amended version of the Data Protection Act (DPA) 2018 and applies to most UK businesses and organisations. We must comply with this data protection regime with regards to the data protection principles, our obligations and your rights as a UK citizen. 

All our data processing activities are monitored by our appointed Data Protection Officer to ensure that the information we collect is: 

  • Used lawfully, fairly and in a transparent way 
  • Relevant and for reasons that we have told you about 
  • Accurate and up to date 
  • Kept only for as long as it is needed 
  • Kept securely 

You may also be interested in our: 

Privacy Notice (Customers & Representatives)

Effective date March 2026
Review frequency Annual or sooner if legislation or guidance changes


Next review due March 2027
Applicable legislation UK GDPR, Data Protection Act 2018, Care Act 2014


Applies to: Customers, family members, representatives and professionals


1. Who We Are
Beehive Care & Training Group Ltd ("Beehive", "we", "us", "our") is a regulated provider of domiciliary 
and live‑in care services. We are committed to protecting your privacy and handling your personal 
data lawfully, fairly and transparently.


2. What Information We Collect
We may collect and process the following information:
• Personal identifiers (name, address, date of birth, contact details)
• Health, care and support information
• Risk assessments and care plans
• Financial and billing information
• Communications, correspondence and complaints
• Records of visits, incidents, accidents and safeguarding concerns


3. Lawful Basis for Processing Personal Data
We process personal data in accordance with the UK GDPR and Data Protection Act 2018 under the 
following lawful bases:
• Article 6(1)(b) – Performance of a contract
• Article 6(1)(c) – Compliance with a legal obligation
• Article 6(1)(d) – Protection of vital interests
• Article 6(1)(e) – Task carried out in the public interest
• Article 9(2)(h) – Health or social care purposes
• Article 9(2)(c) – Vital interests where an individual is unable to give consent
Consent is not relied upon as the primary lawful basis for delivering regulated care. Consent may be 
used for optional activities (e.g. testimonials or feedback).


4. How We Use Your Information
We use your information to:
• Deliver safe and effective care
• Assess needs, risks and outcomes
• Meet safeguarding and regulatory duties
• Communicate with you and relevant professionals
• Manage billing and contractual arrangements
• Investigate incidents, complaints or concerns


5. Information Sharing
We may share information with:
• Health and social care professionals
• Safeguarding authorities
• Regulatory bodies (including the CQC)
• Emergency services
Information may be shared without consent where required by law, safeguarding duties or vital 
interests.


6. Electronic Record Systems
Your information may be securely stored and accessed using approved electronic care management 
systems used by Beehive Care & Training Group Ltd. Access is role‑restricted, audited and governed 
by our Data Protection and Information Governance Policies.


7. Data Retention
We retain care records for a minimum of 8 years following the end of care, or longer where required 
by law or safeguarding considerations.


8. Your Data Protection Rights
You have the right to:
• Access your personal data (Subject Access Request)
• Request rectification of inaccurate or incomplete data
• Request restriction of processing where applicable
• Object to processing in certain circumstances
• Request erasure where legally permissible
• Data portability where applicable
• Raise a concern with the Information Commissioner’s Office (ICO)
ICO: www.ico.org.uk | 0303 123 1113


9. Subject Access Requests (SARs)
You have the right to request a copy of the personal data we hold about you.
• Requests must be made in writing (email or letter)
• Proof of identity may be required before information is released
• We will respond within one calendar month of receiving a valid request
• Requests are normally provided free of charge, unless manifestly unfounded or excessive
Where requests are complex or numerous, the response time may be extended by up to a further two 
months, in line with UK GDPR.


10. Data Protection Lead (DPL / DPO Function)
Beehive Care & Training Group Ltd has appointed a senior lead with responsibility for data protection 
and information governance.
The Data Protection Lead is responsible for:
• Oversight of GDPR and Data Protection Act compliance
• Responding to Subject Access Requests
• Managing data breaches and information security incidents
• Acting as the point of contact with the ICO
Data protection enquiries and SARs should be submitted using the contact details provided in your 
care documentation.


11. Staff Responsibilities
All staff are required to access, understand and comply with Beehive’s Data Protection, 
Confidentiality and Information Governance Policies and SOPs as a condition of employment.


12. Data Breaches
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, 
Beehive Care & Training Group Ltd will:
• Take immediate steps to contain and investigate the breach
• Notify the Information Commissioner’s Office (ICO) where required
• Inform affected individuals without undue delay where there is a high risk to their rights and 
freedoms
All data breaches are managed in line with our Data Protection and Information Governance Policies.


13. Information About Representatives and Family Members
We may process personal data relating to family members, representatives, attorneys, deputies or 
other individuals involved in a customer’s care where this is necessary for care delivery, safeguarding, 
communication or legal purposes.


14. Automated Decision‑Making
Beehive Care & Training Group Ltd does not use automated decision‑making or profiling to make 
decisions that have legal or similarly significant effects on individuals.


15. Complaints About Data Protection
If you have concerns about how your personal data has been handled, we encourage you to contact 
us in the first instance so we can investigate and resolve the matter promptly. This does not affect 
your right to raise a concern directly with the Information Commissioner’s Office (ICO).


16. International Data Transfers
Beehive Care & Training Group Ltd does not routinely transfer personal data outside the United 
Kingdom. Where international transfers are required, appropriate safeguards will be in place in 
accordance with UK GDPR.


17. Contact Us
For data protection enquiries, Subject Access Requests or information governance concerns, please 
contact Beehive Care & Training Group Ltd using the contact details provided in your care 
documentation.
 

Sharing your personal information with others 

 

We share appropriate information with: 

  • External social and health care professionals and any individuals that you nominated as your representative or who have a legal entitlement. At your request, we would share information with another an alternative provider. 
  • Law enforcement authorities on request or following a court order 
  • Public bodies that require evidence of our compliance with contractual obligations and to satisfy regulatory frameworks. 
  • Local safeguarding Advisory Boards (SAB) regarding issues and concerns. 
  • Third party data processors and service providers who are contracted to support us 
  • Relevant internal Beehive Care & Training Group Ltd personnel to provide safe and effective services. 
  • External suppliers/partners that support business functions and service development. 

We will not sell or trade your personal information with other third party without your consent. 

 

National Data Opt-Out 

At this time, we do not share any data for planning or research purposes for which the national data opt-out would apply. We review this on an annual basis and for any new processing. 

 

Data Transfers and Storage 

Beehive Care & Training Group Ltd transfers and stores data under contractual agreements with data processors in the UK. Data transfers and storage may also occur in the European Economic Area (EEA) and third countries. These are now known as Restricted Data Transfers. 

 

Restricted Data Transfers 

Under the UK GDPR, restricted data transfers from the UK to the EEA and other countries covered by a European Commission ‘adequacy decision’ are currently permitted subject to review by the UK Government. 

Restricted data transfers from the EEA and other countries covered by a European Commission ‘adequacy decision’ continues to comply with Eu GDPR with the appropriate safeguards we have put in place. 

Restricted Data Transfers between the UK to other third countries are permitted in compliance with the UK GDPR ‘adequacy regulations’ or the appropriate safeguards we have put in place. 

These appropriate safeguards ensure that your individual rights and freedoms are protected in respect to your personal data in accordance with the UK data protection regime. 

 

Keeping your personal information safe 

We have appropriate organisational and technical security measures to protect your personal information and limit who has access. There are also appropriate safeguards in place for data transfers to protect your privacy rights. 

Data transfers are subject to appropriate safeguards designed to protect your privacy rights and give you recourse in the unlikely event of misuse of your personal information. 

We have procedures in place to detect and respond to suspected data security breaches. We may notify you and any relevant authority as part of our data risk management where we are legally obliged to. 

 

Your rights 

  • You have rights over the way we use your information: 
  • You have the right to be informed about what information we collect and how it is used as outlined in this privacy promise. 
  • You have the right to ask for access to the information we hold on you. We would usually provide copies free of charge. 
  • You have the right to ask us to correct or update any information you think is incorrect or incomplete. 
  • You have the right to object to your information being used and/or withdraw consent. 
  • You have the right to ask us to stop using your information. This ‘right to be forgotten is only applied where there is no legal reason for us to continue to hold or use it. 
  • You have the right to object to any automated decision making. This could affect your ability to fully access our services. 
  • You have the right to ask us to stop using your information for marketing purposes by opting out at any point of the registration process or by updating your preferences once registered. The unsubscribe feature on our emails are actioned immediately but may take up to 14 days to complete. 
  • You have the right to ask us to transfer certain personal information or a copy of some of your information to you or to another organisation, including service providers, in a format they can use where this is technically possible, known as the ‘right to data portability’. 
  • You have the right to withdraw any permission you have previously given us to use your information. 

For detailed information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the UK General Data Protection Regulation. If you would like to exercise a right, please contact the Compliance team at  info@bct-group.co.uk or see the ‘how to contact us’ section. 

 

How to contact us 

If you have any questions about this privacy promise, your rights or wish to contact the Data Protection Officer, get in touch by: 

  • Email – info@bct-group.co.uk 
  • Post – Compliance Department, Beehive Care & Training Group Ltd, Unit 19L Flightway Business Park, Dunkeswell, Nr Honiton, Devon EX14 4PB 

Other information 

 

How to complain 

If you contact us, we hope to resolve any query or concern you raise about our use of your information. 

The UK GDPR also gives you right to lodge a complaint with a supervisory authority with the Information Commissioner Office (ICO) who are the supervisory body in the UK and can be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113. 

 

Changes to this privacy promise 

This privacy notice was first published on 04.03.2024 

We may change this privacy promise and update our website from time to time. 

 

Do you need extra help? 

If you would like this privacy promise in another language or format such as audio, large print or braille, please contact us 

 

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.