Last updated: 15
At Abbey Healthcare, we are committed to protecting the privacy and personal data of all our residents, staff, families, and website visitors. This privacy policy outlines how we collect, use, store, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Abbey Healthcare is a group of care homes operating across the UK, providing residential, nursing, dementia, and respite care.
Data Controller: Abbey Healthcare
Contact Address: Head Office, Sutherland House, 70-78 West Hendon Broadway, London. NW9 7BT
Email: info@abbeyhealthcare.org.uk
Phone: 020 3356 7070
We may collect and process the following personal data:
Full name, date of birth, and contact details
Next of kin and emergency contacts
Medical and care history
GP and healthcare professional details
Medication and treatment plans
Financial and funding information
Images and recordings (for care purposes, with consent)
IP address, browser type, and pages visited
Contact information (if submitted via enquiry forms)
Contact details, CVs, references, and qualifications
Disclosure and Barring Service (DBS) checks
Employment history and right to work documentation
We use personal data for the following purposes:
To provide safe and effective care
To communicate with families, healthcare professionals, and other relevant parties
To meet regulatory requirements (e.g. CQC)
For employment and HR purposes
To manage our services and respond to enquiries
To improve our website and services
We only process personal data where we have a lawful basis to do so, including:
Consent – where you have given clear consent for us to process your data.
Contract – where processing is necessary for a contract with you.
Legal obligation – where we must comply with the law.
Vital interests – to protect someone’s life.
Public task – for tasks in the public interest or official functions.
Legitimate interests – where we have a genuine and legitimate reason.
We may share your information with:
Healthcare professionals and GPs
Local authorities and regulatory bodies (e.g. CQC)
Emergency services (when necessary)
Legal representatives or advocates
Service providers (e.g. payroll, IT support)
Only when necessary and with appropriate safeguards in place
We never sell or rent personal data to third parties.
We take the security of your data seriously. We implement appropriate technical and organisational measures to protect data from loss, misuse, or unauthorised access.
Data is stored securely on password-protected systems
Staff are trained in data protection
Access to data is restricted based on job role
Physical files are kept in locked cabinets
We retain personal data only for as long as necessary:
Resident records – usually kept for 8 years after last contact
Employment records – typically kept for 6 years after employment ends
Enquiry data – deleted after 12 months if no further contact
You have the right to:
Access your personal data (Subject Access Request)
Correct or update inaccurate data
Request erasure of your data (in certain cases)
Object to or restrict processing
Withdraw consent (if consent was the basis for processing)
Complain to the Information Commissioner’s Office (ICO)
To exercise your rights, contact us at:
Email: info@abbeyhealthcare.org.uk
Our website uses cookies to enhance user experience. You can accept or decline cookies via your browser settings.
We may update this policy from time to time. Any changes will be posted on this page with the updated date.
Contact Us
If you have any questions or concerns about this privacy policy or how we handle your data, please contact:
Data Protection Officer
Abbey Healthcare
Head Office, Sutherland House, 70-78 West Hendon Broadway, London. NW9 7BT
info@abbeyhealthcare.org.uk | 020 3356 7070