Last Updated : July 2022
Bridgit Care Privacy Notice
Our contact details
Name: Upstream Outcomes Ltd
Address: C4Di Group, 31-38 Queen’s St, Hull, East Yorkshire, HU1 1UU, United Kingdom
Phone Number: +44 345 528 0008
Our promise to keep your information safe
At Upstream Outcomes, we’re committed to protecting your privacy. We promise to respect any personal information you share with us (or that we receive from other organisations) at all times, and we promise to keep it safe.
This data processing statement applies to Bridgit Care and Upstream Health which are both trading names of Upstream Outcomes Ltd.
How we process your data
This privacy notice sets out how we process your data. It also explains your rights and options around how we use your personal information.
What type of information we have
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics (for example, name and contact details).
- Information about your computer/mobile device and your visits to and use of this website, including for example your IP address and geographical location.
- The internet protocol (IP) address used to connect your computer to the internet.
- Your browser type and version.
- Your time zone setting.
- Browser plug-in types and versions.
- Your operating systems and platforms.
- The uniform resource locator (URL) clickstream to, through and from this site (including date and time).
- Products/services you viewed and searched for.
- Page response times.
- Download errors.
- Length of visits to certain pages.
- Referral sources (how you arrived at the website)
- Page interaction information (such as scrolling and clicks)
- Methods used to browse away from the page.
- Information about our services which you use/which we consider of interest to you.
- Information you’ve populated through our carer assessment process. Including things like your care needs, care goals and progress.
- Financial information, such as bank details or credit/debit card details, where you provide them to make a payment. We don’t store credit or debit card details, but we’re required to store bank details in some circumstances, including when they’re used for direct debit payments.
- Information relating to your family members that interact with you through our services, either through the carer service or through our home support devices or watch.
How we get the information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- interact with us online
- register with us
- communicate with us
- take part in an event
- when authorised through a 3rd party application
- buy something from our store
- apply to work or volunteer for us
- give us your personal information in any other way, for example, if you’re receiving products
- for online consultations, or other video conversations.
We also receive personal information indirectly, from the following sources in the following scenarios:
- business partners
- sub-contractors in technical, payment and delivery services
- event organisers
- advertising networks
- analytics providers and search information providers.
What is your lawful basis for processing?
Under Article 6 of the General Data Protection Regulation (GDPR), the lawful bases we rely on for acting as a data controller:
If you’ve used our online support tool?
Through our online support tool we capture your consent to track cookies through the process and then require your consent when you provide us with your email address and postcode.
Where we have a legitimate interest.
We will share information on services, products, local events and interest groups to carers where we believe these services can help them in their caring role. We use your information to ensure that this support is targeted so you only receive the support you need. This support is provided through email or facebook support.
You are able to stop receiving emails from us at anytime by clicking ‘Unsubscribe’ on any of our emails.
What we do with the information we have
We use the information that you have given us in order to:
- provide you with services, products or information you’ve asked us for
- provide further information about our work, services, activities or products
- allow you to purchase goods
- use your data to support our learning products (such as machine learning) to identify trends and areas we can support you
- further our social enterprise aims, including for fundraising and procurement
- research the impact and effectiveness of our work and services
- register, administer and personalise online accounts
- register and administer your participation in events you’ve registered for
- administer and keep our website safe and secure and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
- improve your interactions with our website, for example by making sure that content is presented in the most relevant and effective manner for you and for your computer/mobile device
- report on the results and impact of our work, services and events
- analyse and improve our work, services, activities, products or information (including our website) or for our internal records
- use IP addresses and monitor website use to identify locations, block disruptive use, record website traffic or personalise the way information is presented to you
- to process your application for a job or volunteer role with us
- training and/or quality control
- audit and/or administer our accounts
- satisfy legal obligations which are binding on us, for example, arising from contracts entered into between you and us or in relation to regulatory, government and/or law enforcement bodies with whom we may work
- prevent fraud, misuse of services or money laundering
- reduce credit risk
- communicate with you in any other way
- for the establishment, defence and/or enforcement of legal claims; and/or
If you are in communication with our Carers Support Service, you should note that:
- Our Carers Support Service has a duty of care to all of its clients. Where all communication with our service is confidential, we hold the right to notify public services should you disclose something we feel highlights serious risk or harm to you or a 3rd party individual.
How we store your information
In general, the personal information that we collect from you will be stored at a destination within the UK.
However, we use agencies and suppliers to process personal information on our behalf.
Your personal information may therefore be transferred or stored outside, and/or otherwise processed by contractors operating outside, the UK who work for us or for one of our suppliers.
Please note that some countries outside of the UK have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals.
Where your personal information is transferred, stored and/or otherwise processed outside the UK, we’ll take all reasonable steps necessary to make sure the recipient implements appropriate safeguards (such as by entering into standard contractual clauses) designed to protect your personal information and to ensure that your personal information is treated securely and in accordance with this Policy.
Unfortunately, no transmission of your personal information over the internet can be guaranteed to be 100% secure.
In general, if we no longer need your information for the reasons you gave it to us, we remove your personal information from our records six years after the date it was collected.
But we’ll remove it sooner if:
- your personal information is no longer required for the purpose you shared it with us
- we’re no longer lawfully entitled to process it
- you ask us to remove it.
If you ask to receive no further contact from us, we’ll keep some basic information about you to make sure we don’t send you unwanted materials in the future.
Please note that special rules apply to health records, which may often be kept for longer than six years.
Where your personal information is used to support research, it is
usually kept for longer and may be used in the future to help with
further research as medical science advances.
Who can see my personal information?
Only appropriately trained staff, volunteers and contractors can access your information. It is stored on secure servers with features to prevent unauthorised access.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal data in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
How to complain
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113