Privacy Policy

Privacy Policy

1.0 Website Privacy Policy

This website privacy policy describes how we protects and makes use of the information you give the company when you use the website. The Website is the property of Ivy Cottage (Ackton) Ltd. We take the privacy of all visitors to this website very seriously and therefore set out in this privacy policy our position regarding how your personal data is treated and the use of cookies.

Certain businesses are required under the Data Protection Act 1998 and subsequent introduction of the EU General Data Protection Regulations (GDPR) from the 25th May 2018 to have a Data Controller. The Data Controller is a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are to be, processed. The principle Data Controller for the company is John Sykes who has responsibility for the content and day to day management of the company website.

It is important to note that we do not use or operate any google analytics or similar software packages to analyse our website traffic or store information about your preferences or when you might return to the website. This type of Cookie allows to count page visits and traffic sources to measure and help improve the performance of organisational websites. A cookie is a small file placed on your computer’s hard drive. It enables the provider of the website to identify your computer as you view different pages on a website.

Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable the provider to see information like how many people use the website and what pages they tend to visit.

2.0 Information that we may collect from you.

In operating our website we may collect and process the following data about you:

Information that you provide by filling in forms on our website, such as when you register to receive information such as a newsletter, request a job application form or other marketing communications or contact us via the contact page.

Information that you freely provide to us when communicating with us for any reason.

This information may include;
Name and or job title
Your email address, telephone number and address if you choose to receive email communications.

2.1 How we use this data.

Collecting this data helps us understand what you are looking for from the company.

Specifically, we may use data;
For our own internal records
To improve the products and the service that we provide
To contact you in response to a specific enquiry.

2.2 Storing your personal data

The data that we collect from you may be transferred to, and stored on internal secure servers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely, and in accordance with the privacy policy. Unfortunately, the transmission of information via the internet is not completely secure. We will do our best to protect your personal data, we cannot however guarantee the security of your data transmitted and any transmission is at your own risk.

Once we have received your information we will use strict procedures and security features to try to prevent unauthorised access.

3.0 Controlling information about you.

We will specifically ask you for consent to communicate with you. When you fill in a form or provide your details on our website, you will see one or more tick boxes allowing you to optin to receive information from us by email, telephone or post.

You have a right not to ask us to process your personal data for marketing and other purposes.

If you choose not to receive updates from us your request will be dealt with quickly and your details removed. We respect every individual’s right to have their details removed at any time, this includes unsubscribing from our email communications.

We may publish images on the company website of people we support, staff and others. We will not use any personal details or full names (which means first name or surname together) in a photographic image, on video, on the website or in any other marketing or publicity materials used by the company unless we have obtained an individual’s (Data Subjects) written consent.

This is particularly important because images published on the website could be viewed by people all over the world with internet access and not just in the United Kingdom,
where UK law applies.

If you have agreed that we can use your information or image, you can still change your mind easily, by contacting the Data Controller Shane Parnell, in writing using the address details set out in point 7.0 below.

4.0 Controlling and Blocking Cookies

You can use your web browser’s cookie settings to determine how a website uses cookies. If you do not want a website to store cookies on your computer or device, you should set your web browser to refuse cookies. However, please note that doing this may affect how a website functions. Some pages and services may become unavailable to you. The majority of web browsers (Firefox, Internet Explorer, Google Chrome, Opera, Safari etc) will allow you to block cookies from being installed on your device via browser settings. Depending on your browser, further information can be obtained via the following links;

Firefox – http://support.mozilla. org/en-us/kb/cookies
Internet Explorer –
Safari –

4.1 Deleting Cookies

The majority of web browser will allow you to delete selected if not all cookies currently installed on your device. Similarly, mobile phone users may have to refer to their handset manual for details on how to delete cookies using their mobile browser. Please note that this will usually only remove any cookies currently installed on your device, you must also change your browser settings if you wish to prevent cookies being installed in the future.

5.0 Security

We will always hold your information securely. To prevent unauthorised disclosure or access to your information, we have implemented strong physical and electronic security features. We also follow stringent procedures to ensure we work with all personal date in line with the General Data Protection Regulations (GDPR).

6.0 Links to our Website

Our website may contain links to other websites for example the Care Quality commission. Please note that we have no control of websites outside of our domain. If you provide
information to a website to which we link, we cannot be responsible for its protection and privacy.

Always be wary when submitting data to websites. Read the site’s data protection and privacy policy fully.

6.1 Access to Information

The General Data Protection Regulations (GDPR) gives you the right to ask us not to process your personal data for marketing or other purposes and to access the information that we hold about you and to have any inaccuracies in this data corrected. Should you wish to exercise this right should apply in writing to the Data Protection Controller using the Subject Access Request Form (SAR). The Data Protection Manager will consider each such request in accordance with all applicable data protection laws and regulations. There will be no administration charge for considering and or complying with a Subject Access Request although the Company reserves the right to charge a fee for data subject access requests (currently £10) if requests are ‘manifestly unfounded’ or deemed to be excessive in nature. The Data Protection Manager will endeavour to respond to any such written requests as soon
as possibly practicable and in any event, within 30 days of receipt of the written request for access to records and 14 working days to provide a reply to an access to information request.

7.0 Complaints Handling

Data Subjects with a complaint about the processing of their personal data, should put forward the matter in writing to the Data Controller. An investigation of the complaint will be carried out to the extent that is appropriate based on the merits of the specific case. The Data Controller will inform the Data Subject of the progress and the outcome of the complaint within a reasonable period. If the issue cannot be resolved through consultation between the Data Subject and the Data Controller, then the Data Subject may, at their option, seek redress through mediation, binding arbitration, litigation or have a right to apply directly to the information commissioner for a decision.

John Sykes
Data Controller
Ivy Mead
Littleworth Lane
S71 5RG

7.1 Breach Reporting

Any individual who suspects that a personal data breach has occurred due to the theft or exposer of personal data must immediately notify the Data Controller providing a description of what occurred. The Data Controller will investigate all reported incidents to confirm whether or not a personal data breach has occurred. If a personal data breach is confirmed the Data Controller will follow the relevant authorised procedure based on the criticality and quantity of the personal data involved. For severe personal data breaches, the company will initiate and chair an emergency response team to co-ordinate and manage the personal data breach response. The Data Controller is responsible for reporting any unauthorised disclosures of personal information, this must be reported to the Information Commissioners Office (ICO) within 72 hours, and the individuals impacted must also be informed.

7.2 Information Commissioner Office (ICO) – Notification and Registration

The company has registered its use of personal data with the information commissioner and the register reference is given below. The register can be accessed and searched on the information commissioners website:

Data Controller: John Sykes
Registration Ref: Z8006117
Customer Service Team
Information Commissioners Office
Wycliffe House
Water Lane
Website Address:
Fax: 01625 524 510
Telephone 0303 123 1113 (Local rate) or 01625 545 745 if you prefer to use national rate number.

The Data Controller will review the data protection register annually and notify the information
commissioner of any amendments.

8.0 Changes to Ivy Cottage (Ackon) Limited Privacy Policy

Any changes that we make to our privacy policy in the future will be posted on this page.

9.0 Related Documents

  • Information Security Policy and related guidance
  • Retention of Records Guidance Documentation
  • Subject Access Request and guidance form
  • Consent Form for Photography and Filming
  • CCTV Code of Practice