Scheduled maintenance:
Some of our online forms will be unavailable on Thursday 12 December between 7am and 9am. We apologise for any inconvenience caused.
Croydon Council privacy notices.
Croydon Council is committed to protecting your privacy when you use our services.
This Privacy Notice explains what personal information we collect about you, how and why we use it, who we disclose it to, and how we protect your privacy. We comply with our legal obligations under the General Data Protection Regulation (GDPR) 2018 and the Data Protection Act 2018 when using your personal data, for example, collecting, storing, sharing, and destroying.
Croydon’s Adult Social Care Service aims to ensure that our residents live healthy, independent and fulfilling lives as part of our communities. We provide the support you need to achieve your own goals, get involved in the community, make informed choices about your well-being and care, and stay as independent as possible.
When providing social care services to you, we have to collect and use your personal information. We process your personal information in order to provide care and support services and to support vulnerable adults, the elderly, those with physical disabilities and carers either directly or jointly with our partners.
Whilst the majority of information provided to us is mandatory (e.g. to comply with our statutory obligations), some of it is provided by you on a voluntary basis. In order to comply with the GDPR and the Data Protection Act 2018, we will inform you whether you are required to provide certain information to us, or if you have a choice in this. We will also explain what your data rights are and what your information will be used for. Information may be collected in many different ways including on paper, by telephone, electronically or by a member of staff in person.
We may also share your personal information with third-party agencies including the NHS, domiciliary care services, care home providers and other health and care services we may buy-in to support you, or when data-sharing is necessary and mandatory under the law.
You have the right to object to some or all your information being processed (shared) under current data protection legislation (Article 21 the General Data Protection Regulations 2016, and the Data Protection Act 2018).
You are advised that whilst under this legislation you have the right to raise an objection, this right is not absolute in relation to health and care data being shared for the purposes of direct care under the lawful bases for sharing.
All objections will be considered on an individual basis by the Data Controller. The contact details for the DPO for each organisation can be found within this Privacy Notice as displayed by each individual organisation, or on their website.
This Privacy Notice tells you:
The legal bases for processing your personal information are:
Adult Social Care staff will update its systems with any details relating to your situation that will assist the Council in supporting you to meet your social care and health needs. The information we hold about you is confidential. Any records we hold can only be seen by authorised staff and others with a right to know, including you.
The law gives you a number of rights to control what personal information is used by us and how it is used by us. Additional information about your individual data rights can be found in the Council’s Corporate Privacy Notice on our website at www.croydon.gov.uk/privacy .
This may include all or some of the following:
We use your information to help us to:
Your data is accessed by staff working in Croydon’s Adult Social Care Services which has a number of Services / Teams including:
This list is not exhaustive but staff in each area will only access the personal information that is essential to carry out their work and statutory functions but may share data between the respective teams where this is necessary to provide you with services.
Other Council Teams or Services outside of Adult Social Care Services may also have access to your personal information to carry out their statutory roles or support the Teams or Services listed above and may include:
Relevant information about you may be passed to external organisations to arrange support to meet your health and social care needs. The types of organisation we may pass your information to are listed below:
All organisations we pass your information to will have an information-sharing agreement with us to ensure they meet the standards of the GDPR and the Data Protection Act 2018, and will be covered by a legal basis allowing them to collect, use and share your personal information. In some circumstances, information may be shared with third parties where there is a legal obligation to do so.
Please note we may share your personal information when we feel that the risk is serious and protecting you is more important than protecting your privacy. For example, we may share your information:
If we are worried about your safety and believe we need to take action to protect you from being harmed, we will discuss our concerns with you and, if possible, obtain your permission to disclose this information. We may share this information with third parties if we assess the risk to you or others to be serious.
There may also be situations when the risk to you or others is so great that we believe we need to share your information without delay. If this is the case, we will make sure that we record what information we share and our reasons for doing so. We will also let you know what we have done and why if we think it is safe to do so.
We are committed to ensuring that your information is securely held.
We manage, maintain and protect all information according to legislation, our policies and best practice. All information is stored, processed and communicated in a secure manner. We provide training to staff who handle personal information and how to report and escalate when something goes wrong.
When we no longer require to keep information about you, we will review it and archive it for any relevant legal retention period and ultimately dispose of it in a secure manner.
Under GDPR and the Data Protection Act 2018, you have the right to request access to information that we hold about you. To make a request for your personal information, contact the Council’s Information Management Team at SAR@croydon.gov.uk.
The GDPR and Data Protection Act 2018 give you a number of rights to control what personal information is used by us and how it is used by us. Information about your individual data rights is listed in the Council’s Corporate Privacy Notice on our website at www.croydon.gov.uk/privacy.
If you have any questions or concerns about the way we collect, store or use your personal information, please contact us in the first instance on 020 8726 6000.
For advice about data protection issues, you can contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.
We reserve the right to amend this Privacy Notice at any time and will keep it under review. If we do make any changes, we will post the current version to our website at this address.
Last updated: July 2023.
NEW Help improve this site by giving feedback Show Hide
Send feedback directly to the content team using our website feedback form
You can also join our user research group to receive invites to activities and surveys to help shape future improvements to the site.