Drafted for 2026 publication
Last updated: 18 June 2026

Document Overview

Included notice	Purpose
1. Website Privacy Notice	For website visitors, online enquiries, marketing preferences and digital contact points.
2. Resident / Relative / Representative Privacy Notice	For residents, prospective residents, family members, attorneys, deputies, advocates and representatives.
3. Job Applicant Privacy Notice	For candidates applying for roles with Belmont Healthcare.
4. Staff / Worker / Volunteer Privacy Notice	For employees, agency workers, contractors, volunteers, trainees and students where applicable.
5. Visitor / CCTV Privacy Notice	For home and office visitors, contractors and anyone whose personal data may be captured through entry records or CCTV.
6. Cookies & similar technologies	For website visitors, online enquiries, marketing preferences and digital contact points.

 

Core Drafting Notes

• This suite is written as original Belmont Healthcare wording for adaptation and publication.
• The notices are designed to be layered, clear, and audience specific.
• Belmont Healthcare Services Ltd is an ICO registered company and follow the online information
• These notices should sit alongside Belmont’s wider information governance framework, retention schedule, cookie notice, data protection complaints procedure, data breach procedure, CCTV signage, and subject access request procedure.

 

Website Privacy Notice

Last updated: 18 June 2026

Belmont Healthcare is committed to protecting personal information and being open about how it is used. This notice explains how Belmont Healthcare collects, uses, stores, shares and protects personal data when individuals visit the website, submit enquiries, request information, sign up for updates, apply for a role online, or otherwise interact with Belmont Healthcare through digital channels.

Who We Are

• Belmont Healthcare Services Ltd is the data controller for the personal data collected through this website unless stated otherwise.
• Registered office / correspondence address: Suite 3 Croft House, Black Solis Road, Redditch B98 9HN
• Telephone: 0333 444 0121
• Email: enquiries@belmonthealthcare.co.uk
• Data Protection Officer / Privacy Lead: Deborah de Beer

 

What Personal Data We Collect

Information Provided Directly

• Name, email address, telephone number, postal address and job title where relevant.
• Details included in online enquiry forms, emails, call-back requests or other website communications.
• Marketing preferences and subscription choices.
• Application details, CVs or supporting information if a role is applied through the website or linked recruitment systems.

 

Information Collected Automatically

• IP address, browser type, device information, operating system, pages visited, dates and times of access, referral source and cookie-related data.

 

Information From Other Sources

• Information may also be received from family members, professional referrers, local authorities, NHS organisations, recruitment agencies or system providers where relevant to an enquiry or application.

 

How We Use Personal Data

• To respond to enquiries about care homes, services, vacancies, fees and availability.
• To assess whether Belmont Healthcare may be able to support a prospective resident safely and appropriately.
• To manage communications, compliments, concerns, complaints and feedback.
• To process job applications or direct applicants to recruitment systems.
• To improve the website, user experience, communications and services.
• To send relevant updates or marketing where lawful.
• To meet legal, regulatory, safeguarding and security obligations.

 

Lawful Bases

• Depending on the circumstances, Belmont Healthcare may rely on consent, steps before entering into a contract, performance of a contract, legal obligation, legitimate interests, vital interests or public task where relevant.

 

Who We May Share Information With

• Belmont Healthcare homes, services and central teams on a need-to-know basis.
• Healthcare professionals or partner organisations involved in care-related enquiries.
• Local authorities, commissioners, safeguarding teams and regulators, including the CQC, where lawful and necessary.
• IT, website hosting, analytics, recruitment, cloud or administration providers acting on Belmont Healthcare’s behalf under appropriate contracts.
• Legal advisers, auditors, insurers, law enforcement agencies or government bodies where disclosure is lawful or required.

 

Cookies And Similar Technologies

• The website may use cookies and similar technologies for functionality, analytics, security and user experience.
• Where required, Belmont Healthcare will obtain consent before placing non-essential cookies or using similar technologies.
• See Belmont Healthcare’s separate Cookie Notice for more detail on cookies, similar technologies and how preferences can be managed.

 

Marketing

• Where Belmont Healthcare is permitted to do so, information about services, homes, events or updates may be sent by email or other channels.
• Individuals can opt out of marketing at any time using the unsubscribe option or by contacting Belmont Healthcare directly.

 

International Transfers

• If any personal data is stored or accessed outside the UK, Belmont Healthcare will ensure appropriate safeguards are in place in line with UK data protection law.

 

Retention

• Website-related personal data will be kept only for as long as necessary for the purposes for which it was collected and in line with Belmont Healthcare’s retention arrangements, legal obligations and legitimate business needs.

 

Rights And Complaints

• Individuals have data protection rights including rights of access, rectification, erasure in certain circumstances, restriction, objection, portability where applicable, and the right to withdraw consent where consent is relied on.
• If an individual is unhappy with how personal data has been handled, a data protection complaint can be made to Belmont Healthcare via complaints@belmonthealthcare.co.uk
• Belmont Healthcare should acknowledge data protection complaints within 30 days and respond without undue delay in line with its complaints process.
• If an individual remains dissatisfied, a complaint can also be made to the Information Commissioner’s Office (ICO) at www.ico.org.uk.

 

Other Websites

• The Belmont Healthcare website may contain links to other websites. This notice applies only to Belmont Healthcare’s website unless stated otherwise.

 

 

Resident, Relative and Representative Privacy Notice

Last updated: 18 June 2026

Belmont Healthcare recognises that information about residents, prospective residents, relatives, attorneys, deputies, advocates and representatives is highly sensitive and must be handled lawfully, fairly and securely. This notice explains how Belmont Healthcare uses personal data to provide safe, person-centred care and to meet legal, regulatory and safeguarding obligations.

 

Who This Notice Applies To

• Residents and prospective residents.
• Relatives, next of kin and nominated contacts.
• Attorneys, deputies, advocates and representatives.
• People making enquiries on behalf of a resident or prospective resident.

 

What Personal Data We May Collect

• Names, addresses, dates of birth and contact details.
• Relationship details and contact information for relatives or representatives.
• Health, care, medication, risk, mental capacity, communication and support needs.
• GP and other professional details, NHS number and healthcare identifiers where relevant.
• Assessment, admission, funding, finance and payment information.
• Care records, incident records, safeguarding records, audits, reviews, complaints and compliments.
• Religion or belief, ethnicity, sexuality or other sensitive information where relevant to care and support.
• Photographs or images where properly authorised and relevant to care, safety or identification.

 

Where Information Comes From

• The resident or prospective resident.
• Relatives, representatives, attorneys, deputies or advocates.
• Local authorities, commissioners, NHS bodies, hospitals, GPs and other professionals.
• Existing care providers or services, emergency services or safeguarding teams where relevant.

 

How We Use Personal Data

• To assess needs before admission or placement.
• To provide safe, person-centred care and treatment.
• To develop, review and deliver care plans, support plans and risk assessments.
• To administer medicines and monitor health, nutrition, hydration and wellbeing.
• To liaise with relatives and authorised representatives.
• To protect residents and others through safeguarding, infection prevention, risk management and emergency response.
• To manage incidents, accidents, complaints, compliments and feedback.
• To meet contractual, legal, regulatory, inspection and statutory duties.
• To improve service quality, safety and governance.

 

Lawful Bases and Special Category Conditions

• Depending on the circumstances, Belmont Healthcare may rely on health or social care purposes, legal obligation, contract or pre-contract steps, vital interests, legitimate interests or public task where relevant.
• For special category data, Belmont Healthcare may rely on health or social care purposes, substantial public interest including safeguarding where applicable, employment or social protection law where relevant, vital interests, or explicit consent where appropriate.

 

Who We May Share Information With

• Belmont Healthcare staff and central support teams on a need-to-know basis.
• GPs, community nurses, hospitals, pharmacists, therapists and other professionals involved in care.
• Local authorities, safeguarding teams, commissioners and emergency services.
• The CQC and other regulators where required or appropriate.
• Approved contractors, system suppliers and processors acting on Belmont Healthcare’s behalf under appropriate contracts.
• Legal representatives, insurers, courts or law enforcement bodies where disclosure is lawful and necessary.

 

Confidentiality And Security

• Belmont Healthcare respects confidentiality and only shares personal data where there are a lawful basis and a genuine need to do so.
• Appropriate technical and organisational measures are used, including staff training, role-based access, confidentiality requirements, secure systems, supplier controls and incident management procedures.

 

Retention

• Health and social care records are retained in line with legal, regulatory and records management requirements and Belmont Healthcare’s retention schedule.
• When information is no longer needed, it will be securely deleted, destroyed or anonymised where appropriate.

 

Rights and Complaints

• Residents and, where appropriate, authorised representatives have rights under data protection law including rights of access, rectification, restriction, objection and complaint, subject to lawful limitations and identity / authority checks.
• If there is concern about how personal data has been handled, a complaint can be made to Belmont Healthcare using [insert complaints contact details].
• If dissatisfaction remains, a complaint can also be made to the ICO.

 

Job Applicant Privacy Notice

Last updated: 18 June 2026

Belmont Healthcare collects and uses personal data about job applicants to manage recruitment fairly, safely and lawfully. This notice explains how applicant data is collected, used, shared, retained and protected during the recruitment process.

 

What Personal Data We Collect

• Name, address, contact details and date of birth.
• CVs, application forms, covering letters and correspondence.
• Interview notes and recruitment decision records.
• Qualifications, training records and employment history.
• Professional registration details, right to work evidence and identification documents.
• References, DBS and safer recruitment information where required.
• Occupational health or health declaration information where lawful and necessary.
• Equality monitoring information where collected.
• Technical data if the application is made through the website or recruitment systems.

 

Where We Get Information From

• The applicant directly.
• Recruitment agencies or search providers.
• Professional bodies or registration authorities.
• The Disclosure and Barring Service or associated checking providers.
• Occupational health providers and publicly available sources where appropriate and lawful.

 

How We Use Applicant Data

• To assess suitability for a role and shortlist candidates.
• To communicate with candidates and arrange interviews or assessments.
• To verify qualifications, references, registration, DBS status and right to work checks.
• To undertake safer recruitment and pre-employment screening.
• To meet legal and regulatory requirements in adult social care.
• To maintain recruitment records and improve recruitment processes.

 

Lawful Bases

• Belmont Healthcare may rely on steps before entering into a contract, legal obligation, legitimate interests in recruitment and workforce planning, consent where appropriate, and employment law or substantial public interest conditions for any special category data as relevant.

 

Who We May Share Applicant Data With

• Managers and recruitment decision-makers within Belmont Healthcare.
• HR and central support teams.
• Recruitment system providers, portals and agencies.
• DBS, right to work and reference providers.
• Occupational health providers, professional regulators or authorities where appropriate.
• Legal or regulatory bodies where disclosure is lawful or required.

 

Retention

• If a candidate is appointed, relevant recruitment information will be added to the staff record.
• If a candidate is unsuccessful, information will be retained only for as long as reasonably necessary and in line with Belmont Healthcare’s retention schedule and legal obligations.

 

Rights And Complaints

• Applicants have data protection rights including the right to be informed, request access, request correction and make a complaint, subject to lawful exemptions and verification steps.
• Concerns about how personal data has been used during recruitment can be raised via [insert complaints route].
• If dissatisfaction remains, a complaint can also be made to the ICO.

 

Staff, Agency Worker, Contractor and Volunteer Privacy Notice

Last updated: 18 June 2026

Belmont Healthcare needs to collect and use personal data about employees, agency workers, contractors and volunteers to manage employment and engagement arrangements, support safe care delivery, meet legal obligations and run the organisation effectively.

 

Who This Notice Applies To

• Workers and casual staff.
• Agency workers.
• Contractors and consultants.
• Volunteers, trainees and students where applicable.

 

What Personal Data We May Collect

• Contact and identification details.
• Next of kin and emergency contact details.
• Recruitment, vetting, right to work, DBS and reference information.
• Contract, payroll, pension, benefit and expense information.
• Attendance, leave, rota, timekeeping and shift information.
• Training, supervision, appraisal, competency and performance records.
• Sickness, occupational health, reasonable adjustment and wellbeing information.
• Disciplinary, grievance, whistleblowing and investigation records.
• CCTV, access-control or security records where used.
• IT usage, device and systems information where lawful and proportionate.
• Photographs or marketing consents where relevant.

 

How We Use Staff Data

• To administer employment or engagement arrangements.
• To pay salaries, pensions, benefits and expenses.
• To roster and deploy staff safely and effectively.
• To maintain training, competence and compliance records.
• To support wellbeing, safety, occupational health and reasonable adjustments.
• To investigate incidents, concerns and misconduct.
• To meet legal, tax, pension, safeguarding, regulatory and health and safety duties.
• To protect residents, staff, visitors, systems, premises and confidential information.
• To communicate with staff and manage internal operations.

 

Lawful Bases

• Belmont Healthcare may rely on performance of a contract, legal obligation, legitimate interests, vital interests where relevant and consent in limited circumstances where appropriate.
• For special category data, Belmont Healthcare may rely on employment, social security and social protection law, assessment of working capacity, health or social care purposes where relevant, substantial public interest or explicit consent where appropriate.

 

Who We May Share Staff Data With

• Managers and authorised Belmont Healthcare teams.
• Payroll, pension and benefits providers.
• Occupational health and employee support providers.
• Recruitment, compliance and DBS providers.
• Training providers and professional regulators.
• Government bodies including HMRC or the Home Office where required.
• Insurers, auditors, legal advisers, safeguarding teams and regulators where necessary and lawful.

 

Monitoring And Security

• Belmont Healthcare may use lawful, proportionate monitoring, security and access-control measures to protect residents, premises, systems, confidential information and legitimate business interests.
• Any monitoring will be carried out transparently and in line with internal policies and legal requirements.

 

Retention

• Staff-related records are retained only as long as necessary and in line with legal, contractual, employment, tax, pension, safeguarding and regulatory requirements and Belmont Healthcare’s retention schedule.

 

Rights And Complaints

• Staff and workers have rights under data protection law, including rights of access, rectification, restriction, objection in certain circumstances and complaints.
• Concerns about how personal data has been handled can be raised via [insert DPO / privacy lead / HR complaints contact details].
• If dissatisfaction remains, a complaint can also be made to the ICO.

 

Visitor and CCTV Privacy Notice

Last updated: 18 June 2026 

Belmont Healthcare uses personal data relating to visitors to help keep residents, staff, visitors and premises safe and secure, to manage access to services, and to meet legal and regulatory duties. Where CCTV or other surveillance is used, it is handled lawfully, transparently and securely.

 

Who This Notice Applies To

• Visitors to Belmont Healthcare homes and offices.
• Professionals, contractors and external workers attending site.
• Family members and other personal visitors.
• Anyone whose image or other personal data may be captured by Belmont Healthcare CCTV systems.

 

What Personal Data We May Collect

• Name and contact details.
• Vehicle registration details where parking is used.
• Visit date, time, purpose and sign-in / sign-out information.
• Information needed for infection prevention, health and safety or safeguarding where applicable.
• CCTV images and related surveillance information where CCTV is in operation.

 

Why We Use Visitor and CCTV Data

• To manage entry to and use of Belmont Healthcare premises.
• To safeguard residents, staff and visitors.
• To support health and safety, fire, infection control and emergency procedures.
• To protect property, systems and confidential information.
• To prevent and detect crime, abuse or other inappropriate conduct.
• To investigate incidents, accidents, complaints or safeguarding concerns.
• To meet legal, regulatory and insurance requirements.

 

Lawful Bases

• Belmont Healthcare may rely on legal obligation, legitimate interests in site security, safeguarding and service management, vital interests where there is a serious risk to life or safety, and substantial public interest where relevant to safeguarding or the prevention / detection of unlawful acts.

 

Who We May Share Information With

• Authorised Belmont Healthcare staff.
• Local authorities or safeguarding teams.
• Police or other law enforcement agencies.
• The CQC or other regulators.
• Insurers, legal advisers or courts.
• Security or system providers acting on Belmont Healthcare’s behalf under appropriate controls.

 

Retention And Security

• Visitor logs and CCTV images are retained only for as long as necessary for safety, security, investigation or legal purposes and in line with Belmont Healthcare’s retention arrangements.
• Belmont Healthcare takes steps to ensure visitors and CCTV data is protected against unauthorised access, disclosure or misuse.

 

Rights And Complaints

• Individuals have rights under data protection law, including the right to request access to personal data, subject to lawful limits and the rights of other individuals.
• If there is concern about how visitors or CCTV information has been handled, a complaint can be made to Belmont Healthcare using [insert complaints route].
• If dissatisfaction remains, a complaint can also be made to the ICO.

 

Website Cookie & Tracking Transparency Notice

Last updated: 18 June 2026

This Cookie Notice explains how Belmont Healthcare uses cookies and similar technologies on its website. Cookies help ensure website functionality, improve performance, support analytics, and where appropriate support marketing and communications.

 

What Are Cookies?

• Cookies are small text files placed on a user’s device when visiting a website.
• They allow websites to recognise a user’s device, remember preferences, and collect information about how the site is used.

 

Types Of Cookies We Use

• Strictly necessary cookies – required for website operation such as security and navigation.
• Performance and analytics cookies – help us understand how users interact with the website.
• Functionality cookies – remember user choices such as preferences.
• Targeting or marketing cookies – used to deliver relevant content or adverts where applicable.

 

How We Use Cookies

• To ensure website functionality and security.
• To improve website performance and user experience.
• To analyse website traffic and usage trends.
• To support communications and marketing where permitted by law.

 

Lawful Basis and Consent

• Belmont Healthcare uses strictly necessary cookies under legitimate interests for website operation.
• For non-essential cookies, Belmont Healthcare will request user consent before placing cookies or similar technologies on a device.

 

Third-Party Cookies

• Some cookies may be set by third-party services such as analytics providers, website platforms or advertising partners.
• These providers must meet appropriate data protection standards.

 

Managing Cookies

• Users can manage or withdraw cookie consent through the website cookie banner or settings tool.
• Browser settings can also be used to block or delete cookies.
• Disabling some cookies may affect website functionality.

 

How Long Cookies Are Stored

• Some cookies expire when the browser is closed, while others remain for a set period depending on their purpose.

 

Data Protection and Privacy

• Where cookies collect personal data, Belmont Healthcare processes this information in line with its Privacy Notice and applicable data protection laws.

 

Changes To This Notice

• This Cookie Notice may be updated periodically. The latest version will always be available on the website.

 

Contact Details

Belmont Healthcare available on our available

 

Belmont Healthcare Data Protection Complaints Procedure & Notice Pack

Last updated: 17 June 2026

Data Protection Complaints Notice (Public-Facing)

Belmont Healthcare is committed to handling personal data lawfully and fairly. If you are unhappy with how your personal data has been handled, you have the right to make a data protection complaint.

 

You can make a complaint by: 

• Email: complaints@belmonthealthcare.co.uk
• Telephone: [0333 444 0121]
• Writing to: [as per home office office ]
• Online form: [www.belmonthealthcare.co.uk

We will acknowledge your complaint within 30 days and respond without undue delay following investigation.

If you are not satisfied, you can escalate your complaint to the Information Commissioner’s Office (ICO) at www.ico.org.uk

 

Data Protection Complaints Procedure (Internal Use)

Step 1: Receipt of Complaint

• Record complaint in Data Protection Complaints Log.
• Acknowledge receipt within 30 days.

 

Step 2: Initial Assessment

• Identify nature and scope of complaint.
• Determine if it is a data protection complaint under legislation.

 

Step 3: Investigation

• Gather relevant records and systems data.
• Speak with relevant staff members.
• Assess compliance with UK GDPR and DPA 2018.

 

Step 4: Outcome And Response

• Provide outcome without undue delay.
• Explain findings clearly to complainant.
• Identify any corrective actions required.

 

Step 5: Learning and Improvement

• Log themes and trends.
• Update policies, training or processes if required.

 

Belmont Completion Checklist Before Publication (Updated)

• Core organisational details
• Insert the correct Belmont Healthcare legal entity name(s) across all notices.
• Insert head office address, telephone number, privacy email and web contact form details.
• Insert Data Protection Officer / Privacy Lead details and, where applicable, Caldicott Guardian details.
• Insert ICO registration number(s) and confirm they are current.
• Website and digital compliance
• Confirm website provider, analytics tools and tracking technologies in use.
• Ensure cookie banner is in place and allows users to accept/reject non-essential cookies.
• Ensure Privacy Notice and Cookie Notice are accessible via website footer.
• Confirm marketing consent processes comply with PECR including opt-out functionality.
• Cookie Notice (NEW)
• Review and personalise Cookie Notice to reflect actual technologies used.
• Add cookie audit table (recommended) including cookie name, purpose, duration and provider.
• Ensure alignment between Privacy Notice, Cookie Notice and cookie banner.
• Data Protection Complaints (June 2026 requirement)
• Ensure a clear data protection complaint route is available (email, form, post, phone).
• Ensure complaints are acknowledged within 30 days.
• Ensure investigation and response is provided without undue delay.
• Implement and maintain a Data Protection Complaints Log.
• Ensure managers and administrators are trained on complaint handling.
• Publish/display the complaints notice for residents, visitors and website users.
• Operational governance
• Cross-reference Cookie Notice, Complaints Procedure, Retention Schedule, Data Breach Procedure and CCTV guidance.
• Confirm third party processors have data processing agreements in place.
• Ensure suppliers meet data protection and security requirements.
• Legal and governance sign-off
• Review lawful bases and special category data processing across all notices.
• Confirm retention periods align with Belmont retention schedule.
• Obtain final approval from Governance/Compliance Lead and Data Protection Officer.
• Implementation
• Publish notices across website, resident packs, recruitment portals, staff handbook and visitor signage.
• Ensure documents are accessible, consistent and easy to understand for all audiences.