Privacy Policy

A legal disclaimer

Woodbridge Care (referred to as "we", "us", or "our") is a children's residential care home located in the UK. We are committed to protecting the privacy and confidentiality of all personal information we handle. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.We process personal data about children in our care, their families, guardians, representatives, visitors, staff, and others involved in providing or receiving our services.

As we work with children and vulnerable individuals, we apply the highest standards of data protection, including specific safeguards for children's personal data.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

Email: a.morris@woodbridgecare.co.uk
Phone: 07934 988851

Our Data Protection Officer (if applicable) can be contacted at the above details.

1. What personal data do we collect? We collect and process the following types of personal data:

About children in our care: Name, date of birth, contact details, family information, health and medical records, education details, behavioural information, care plans, and any special category data (e.g., ethnic origin, religious beliefs, health data) necessary for providing safe and effective care.
About families, guardians, and representatives: Names, contact details, relationship to the child, and any relevant correspondence or involvement in care planning.
About visitors and professionals: Names, contact details, and visit records (e.g., social workers, healthcare professionals).
Via our website (if applicable): If you contact us through our Wix website (e.g., via forms or enquiries), we may collect your name, email address, phone number, and message content. We may also use cookies for basic website functionality (see Section 8).

Special category data (sensitive information such as health, ethnicity, or religious beliefs) is processed with extra care, particularly for children.

2. How do we collect personal data? We collect data:

Directly from you (e.g., during enquiries, admissions, or ongoing care).
From third parties (e.g., local authorities, social services, schools, healthcare providers, or police, where necessary for safeguarding or care provision).
Automatically via our website (e.g., IP address or browser information for site functionality).

3. Why do we process personal data? (Lawful bases). We process personal data under the following lawful bases from the UK GDPR:

To perform a contract: Providing residential care services.
Legal obligation: Compliance with care regulations (e.g., Children's Homes Regulations, Care Quality Commission requirements).
Vital interests: To protect the life or wellbeing of a child or others.
Public task: Delivering social care services in the public interest.
Legitimate interests: Managing our operations, safeguarding, and improving services (balanced against your rights).
For special category data: Substantial public interest (e.g., safeguarding vulnerable children), health/social care purposes, or vital interests.

We prioritise the best interests of the child in all processing.

4. Who do we share personal data with? We share data only where necessary and proportionate:

With local authorities, social services, and placing authorities.
Healthcare professionals (e.g., GPs, therapists).
Regulatory bodies (e.g., Ofsted, Care Quality Commission).
Police or safeguarding teams (if required for child protection).
Other professionals involved in the child's care (e.g., schools, courts).

We may share anonymised data for statistical or reporting purposes. All sharing complies with data protection law and safeguarding obligations.

5. Safeguarding and child protection Protecting children is our priority. In some cases, we may share information without consent if we believe a child is at risk of harm (e.g., with police or social services). This is permitted under data protection law for safeguarding purposes.

6. How do we keep personal data secure? We use appropriate technical and organisational measures to protect data, including:

Secure storage (physical and digital).
Access controls (only authorised staff).
Staff training on data protection.
Regular reviews and audits.

Data is stored primarily in the UK. If transferred outside the UK (rare), we ensure adequate safeguards.

7. How long do we keep personal data? We retain data only as long as necessary, in line with legal requirements (e.g., children's records are kept until the child reaches 75 years old or longer if required by regulations). After this, data is securely deleted or anonymised.

8. Website-specific information (cookies and online data) Our website is built on Wix. We use essential cookies for basic functionality (e.g., navigation). We do not use analytics or marketing cookies unless specified. Wix may collect some data on our behalf – see Wix's Privacy Policy for details. If you submit a contact form, we use the information only to respond to your enquiry.

9. Your rights under data protection law. You (or the child, where appropriate) have rights, including:

Access to your personal data.
Rectification of inaccurate data.
Erasure (in certain circumstances).
Restriction of processing.
Objection to processing.
Data portability.

For children, rights may be exercised by a parent/guardian with parental responsibility. We consider the child's views where appropriate. To exercise rights, contact us using the details above. We respond within one month.

You can complain to the Information Commissioner's Office (ICO) at ico.org.uk or 0303 123 1113.10. Changes to this Privacy Policy we may update this policy. Changes will be posted on our website and, where appropriate, notified directly.