Privacy Policy

Johma Healthcare Ltd
Last updated: 15/02/2026

1. Who We Are

Johma Healthcare Ltd (“we”, “us”, “our”) provides in-home care and support services across the United Kingdom.

We are committed to protecting and respecting your privacy in accordance with:

UK General Data Protection Regulation (UK GDPR)

Data Protection Act 2018

Data Controller:
Johma Healthcare Ltd
Registered Address: [Insert Registered Address]
Email: info@johmahealthcare.com
Phone: [Insert Phone Number]
Company Registration Number: [Insert if registered with Companies House]

2. The Information We Collect

Because we provide healthcare services, we collect both personal data and special category (health) data.

A. Clients (Service Users)

We may collect:

  • Full name
  • Date of birth
  • Address and contact details
  • NHS number (if applicable)
  • GP details
  • Emergency contact details
  • Medical history
  • Medication records
  • Care plans
  • Risk assessments
  • Mental capacity assessments
  • Safeguarding information
  • Next of kin details
  • Financial/payment details (if privately funded)

B. Family Members / Representatives

  • Name
  • Contact details
  • Relationship to client
  • Communication preferences

C. Employees and Job Applicants

  • CV and employment history
  • References
  • Right to work documentation
  • DBS check results
  • Training records
  • Health declarations (where required)
  • Payroll information
  • Bank details
  • National Insurance number

D. Website Visitors

When you visit our website, we may collect:

  • IP address
  • Browser type
  • Pages visited
  • Cookies (see Section 10)

If you complete our contact form, we collect:

  • Your name
  • Email address
  • Phone number
  • Message details

3. Lawful Basis for Processing

Under UK GDPR, we rely on the following lawful bases:

For Care Services

  • Article 6(1)(b) – Contract
  • Article 6(1)(c) – Legal obligation
  • Article 6(1)(d) – Vital interests
  • Article 9(2)(h) – Provision of health or social care

For Employees

  • Contract
  • Legal obligation
  • Legitimate interests

For Marketing (if applicable)

  • Consent

4. How We Use Your Information

We use your information to:

  • Deliver safe and effective care
  • Create and review care plans
  • Communicate with GPs, NHS, and healthcare professionals
  • Manage medication
  • Safeguard vulnerable individuals
  • Process payroll and HR matters
  • Meet CQC regulatory requirements
  • Respond to enquiries
  • Improve our services
  • Prevent fraud

We do not sell your personal data.

5. Who We Share Your Information With

We may share information with:

  • GPs and NHS services
  • Local authorities
  • Care Quality Commission (CQC)
  • Safeguarding authorities
  • Payroll providers
  • IT support providers
  • Insurance providers
  • Legal or regulatory bodies, when required

All third parties are required to keep your data secure and confidential.

6. Data Storage and Security

We take appropriate technical and organisational measures to protect your data, including:

  • Secure digital care systems
  • Password protection and encryption
  • Secure paper file storage
  • Staff confidentiality agreements
  • DBS-checked staff
  • Staff GDPR training

We retain care records in line with the NHS Records Management Code of Practice (usually 8 years after care ends, unless required longer).

7. International Transfers

We do not transfer personal data outside the UK unless adequate safeguards are in place.

If any of our IT systems store data outside the UK, they comply with UK GDPR transfer rules.

8. Data Retention

We only retain personal data as long as necessary:

  • Care records: Minimum 8 years
  • Staff records: 6 years after employment ends
  • Financial records: 6 years
  • Enquiries: 12 months unless converted to a client

9. Your Rights Under UK GDPR

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure (where legally possible)
  • Restrict processing
  • Object to processing
  • Data portability (where applicable)
  • Withdraw consent (if consent is the basis)

To exercise your rights, contact us at:
[Insert Email Address]

10. Cookies

Our website may use cookies to:

  • Ensure website functionality
  • Improve user experience
  • Analyse website traffic (if using Google Analytics)

You can control cookies via your browser settings.

11. Complaints

If you are unhappy with how we handle your data, please contact us first.

You also have the right to lodge a complaint with:

Information Commissioner’s Office (ICO)
Website: https://ico.org.uk

Helpline: 0303 123 1113

12. Data Breaches

In the event of a data breach, we will:

  • Investigate immediately
  • Inform affected individuals if required
  • Report to the ICO within 72 hours where legally required

13. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.