top of page

Privacy Policy

Privacy Policy

Last updated: 13 October 2025

 

Bellus Care & Support (“we”, “our”, “us”) takes the protection of personal data extremely seriously and applies privacy by design and by default. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website and services.

 

• Legal entity name: Bellus Care Limited 

• Trading name: Bellus Care & Support

• Website: www.belluscareandsupport.co.uk

• Email: admin@belluscareandsupport.co.uk

• Telephone: 0330 223 7361

• Postal address: Falcon House, Eagle Road, Langage, Plymouth, PL7 5JY

• Data Protection Lead: Senthirkumar Ramanathan

 

By providing personal data, you confirm you are over 13 years of age.

 

1) Who we are and how to contact us

 

Controller: Unless stated otherwise, Bellus Care Limited is the controller responsible for your personal data.

Contact: admin@belluscareandsupport.co.uk | 0330 223 7361

Supervisory Authority: You have the right to complain to the UK Information Commissioner’s Office (ICO): ico.org.uk, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. We would appreciate the chance to deal with your concerns first—please contact us.

 

2) What data we collect

 

We may process the following categories of personal data (depending on your interactions with us):

 

  • Identity Data: first name, last name, title, date of birth, gender, and (if supplied) proof-of-identity details.

  • Contact Data: billing/delivery address, email, telephone, emergency contact details.

  • Account & Profile Data: log‑in details, preferences, interests, survey responses, feedback.

  • Financial & Transaction Data: bank details (where required for payments), payment history, invoices. We do not directly store full card details if you pay via a third‑party processor.

  • Service & Care Data: needs assessments, care plans, notes about preferences (e.g., allergies, likes/dislikes), home environment details, legal status (e.g., Power of Attorney), scheduling information, communications.

  • Special Category Data (Health): information about health, care needs, medication. We only process this where necessary and lawful (e.g., providing care services) and, where required, with your explicit consent.

  • Usage & Technical Data: IP address, device identifiers, browser type, operating system, time zone, pages viewed, clicks, session duration, referring/exit pages, cookie identifiers.

  • Marketing & Communications Data: preferences for receiving marketing from us and our third parties.

  • Call Data (where used): call recordings/transcripts for quality assurance and training.

We do not intentionally collect information about criminal convictions/offences unless legally required (e.g., safeguarding). We do not perform fully automated decision‑making that produces legal or similarly significant effects.

 

3) How we collect data

  • Direct interactions: forms, email, phone, post, in person (e.g. assessments, enquiries, service delivery).

  • Automated technologies: cookies, pixels, tags, analytics.

  • Third parties/public sources: payment and IT providers, analytics/advertising vendors, care professionals (with authority), the NHS/Local Authorities, Companies House, the Electoral Register, and other lawful sources.

Authorised representatives: Where you provide data about someone else (e.g. a family member receiving care), you confirm you are authorised to do so and will share this policy with them.

 

4) Why we use your data (purposes & lawful bases)

 

We will only use your data where permitted by law. The table below summarises the main purposes and lawful bases (UK GDPR Article 6; Article 9 for special category data):

 

Purpose

Examples of data

Lawful basis

Provide and manage care/services

Identity, Contact, Service & Care, Health

Contract (Art.6(1)(b)); Vital interests (Art.6(1)(d)) in emergencies; Explicit consent (Art.9(2)(a)) or health/social care provision (Art.9(2)(h)) for special category data

Customer account & relationship management

Identity, Contact, Profile

Contract; Legitimate interests (service quality, records)

Payments, invoicing, refunds & debt recovery

Financial, Transaction, Contact

Contract; Legitimate interests (debt recovery)

Safeguarding & regulatory compliance

Identity, Contact, Service & Care, Health

Legal obligation; Art.9(2)(h) health/social care; Vital interests

Quality assurance, training & complaints handling

Call Data, Service notes

Legitimate interests (service improvement; accurate records)

Communications (service messages)

Contact

Contract; Legal obligation

Marketing (emails/SMS)

Contact, Marketing prefs

Consent (you can withdraw at any time)

Analytics, security & site performance

Technical, Usage

Legitimate interests (operate, secure, improve services)

Legal claims & business operations

Relevant records

Legitimate interests; Legal obligation

Change of purpose: We will only use data for the purposes collected unless we reasonably consider a compatible purpose. If we need to use it for an unrelated purpose, we will explain the legal basis and, if required, obtain consent.

 

5) Marketing preferences

 

You will receive marketing from us if you have requested information or purchased services and have not opted out, or you have otherwise given consent. You can withdraw consent or opt out at any time via unsubscribe links or by contacting us using the following email: admin@belluscareandsupport.co.uk  Opting out of marketing does not affect service communications.

 

6) Sharing your data

 

We only share personal data where necessary and lawful:

 

  • Service providers (processors): IT hosting, CRM, contact forms, email delivery, payment processors, analytics, advertising tech, call tracking, session replay, customer support tools, secure file transfer, identity verification, and document e‑signature.

  • Professional advisers & insurers: legal, accounting, banking, insurance.

  • Public bodies/regulators: HMRC, the ICO, Local Authorities, NHS bodies, Police, Courts where required.

  • Business transfers: In a merger, acquisition, or reorganisation, data may transfer to the new controller.

 

 

We require processors to implement appropriate security and process data only on our instructions. We do not sell your personal data.

 

7) Call recording and transcription (if enabled)

 

 To ensure quality, training, and accurate records, we may record and transcribe calls. Access is restricted to authorised personnel. Where a third‑party provider is used, recordings/transcripts are typically retained for up to 25 months (provider defaults may vary) and then deleted unless we must keep them for legal/regulatory reasons. We may use automated redaction to help protect sensitive data. If you do not wish to be recorded, please tell us at the start of the call and we will offer alternatives.

 

8) International transfers

 

 Some providers may process data outside the UK/EEA. Where this occurs, we ensure appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA), EU Standard Contractual Clauses with UK Addendum, or other lawful transfer mechanisms.

 

9) Data security

 

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or loss. Access is limited to personnel with a business need and subject to confidentiality obligations. We maintain incident response procedures and will notify you and the ICO of notifiable breaches where legally required.

 

10) Cookies & similar technologies

 

We use cookies, pixels, tags, and similar technologies to operate our site, personalise content, analyse traffic, improve performance, and (with consent) deliver relevant advertising. Types include:

 

  • Strictly necessary

  • Performance/analytics

  • Functionality

  • Advertising/targeting

  • Security/CDN

 

Where required, we use a consent management platform. You can change your cookie settings via our cookie banner or your browser. Some features may not function without certain cookies.

 

11) How long we keep your data (retention)

 

We retain personal data only as long as necessary for the purposes collected, including legal, accounting, or reporting requirements. Factors include data sensitivity, potential risk of harm, purpose, and legal obligations.

 

  • Customer records & contracts: typically for the duration of our relationship and then up to 6 years after last interaction for tax and legal claims.

  • Financial records (invoices, payments): 6 years from the end of the financial year.

  • Care records: in line with statutory guidance and insurer requirements

  • Call recordings/transcripts (if used): typically up to 25 months unless required longer for legal claims or compliance.

  • Marketing preferences: until you opt out or request deletion.

We may anonymise data for research/statistics; anonymised data is not subject to data protection law and may be kept indefinitely.

 

12) Your rights

 

Under UK data protection law, you have the right to:

 

  • Access your personal data;

  • Rectify inaccurate or incomplete data;

  • Erase data (right to be forgotten) in certain circumstances;

  • Restrict processing in certain circumstances;

  • Object to processing based on legitimate interests or direct marketing;

  • Data portability (receive data in a machine‑readable format and transfer to another controller);

  • Withdraw consent where processing relies on consent (this does not affect prior processing).

 

To exercise rights, please contact admin@belluscareandsupport.co.uk. We may need to verify your identity. We aim to respond within one month. You will not usually pay a fee unless requests are excessive or unfounded.

 

 

13) Third‑party links

 

Our website may include links to third‑party websites, plug‑ins, and applications. Clicking those links may allow third parties to collect or share data about you. We do not control these third parties and are not responsible for their privacy statements. We encourage you to read their policies.

 

 

14) Children

 

Our services and website are not intended for children under 13. We do not knowingly collect data from children without appropriate parental/guardian authorisation.

 

15) Email, internet transmission & security

 

Transmission of information over the internet is not completely secure. If you choose to send information to us by email or online forms, you do so at your own risk. Once received, we secure your data as described above.

 

16) Complaints

 

If you are unhappy with how we process your data, please contact us at admin@belluscareandsupport.co.uk. You also have the right to lodge a complaint with the ICO as detailed above in this policy.

 

 17) Changes to this policy

We may update this policy from time to time. The latest version will be posted on www.belluscareandsupport.co.uk with a new effective date. If we make material changes, we will notify you via email (if possible) or a prominent site notice. Where required by law, we will seek your consent for new uses of personal data.

18) Contact

 

For questions, requests, or to exercise your rights, contact:

 

Bellus Care & Support

Email: admin@belluscareandsupport.co.uk

Phone: 0330 223 7361

Address: Falcon House, Eagle Road, Langage, Plymouth, PL7 5JY

Website: www.belluscareandsupport.co.uk

bottom of page