Terms & Policies

‣ Privacy Policy

Privacy Notice

Last Updated: 11.03.2026

1. Who We Are

Abacus Care & Support Ltd (“we”, “our”, “us”) is a data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Company Number: 12365398

CQC ID: 1-8613818964

Registered Address: Devonshire Business Centre, Works Road, Letchworth, SG6 1GJ

For all data protection queries, please contact us at enquiries@abacuscaresupport.co.uk

2. What Information We Collect

We may collect personal data in the following circumstances:

Website Enquiries

Name
Email address
Telephone number
Details included in your enquiry

Referral Forms

Name and contact details of the person being referred
Details of their care or support needs as provided in the form
Contact details of the referring party

Newsletter Sign-Up

Name (where provided)
Email address

Recruitment (via integrated ATS system — planned)

Name and contact details
CV and employment history
Qualifications
Right to work documentation
References
DBS information (where required)

Technical Data

When you visit our website, we may automatically collect the following technical information, subject to your cookie preferences:

IP address (anonymised where possible)
Browser type and version
Device information
Pages visited
Time spent on pages

Data from third-party sources: We do not receive personal data about website visitors from any third-party sources.

We do not run advertising networks and do not sell personal data.

3. Lawful Basis for Processing

We process personal data under the following lawful bases:

    
            Lawful Basis
            Applies To
            Explanation
        
            Contractual necessity
            Enquiries, referrals, recruitment applications

            Processing is necessary to take steps at your request prior to or in performance of a contract, or to respond to your enquiry.

            Legal obligation
            Employment, safeguarding, regulatory compliance

            We are required to process certain data to comply with employment law, safeguarding duties, and regulatory obligations (including CQC requirements).

            Legitimate interests
            Website analytics, security, fraud prevention

            We have a legitimate interest in operating, maintaining, and improving our website; understanding how it is used; and protecting it against misuse or fraud. We have balanced these interests against your rights and consider they do not override them.

            Consent
            Newsletter sign-up; optional analytics cookies

            Where we rely on consent, you have the right to withdraw it at any time (see section below).

Lawful Basis	Applies To	Explanation
Contractual necessity	Enquiries, referrals, recruitment applications	Processing is necessary to take steps at your request prior to or in performance of a contract, or to respond to your enquiry.
Legal obligation	Employment, safeguarding, regulatory compliance	We are required to process certain data to comply with employment law, safeguarding duties, and regulatory obligations (including CQC requirements).
Legitimate interests	Website analytics, security, fraud prevention	We have a legitimate interest in operating, maintaining, and improving our website; understanding how it is used; and protecting it against misuse or fraud. We have balanced these interests against your rights and consider they do not override them.
Consent	Newsletter sign-up; optional analytics cookies	Where we rely on consent, you have the right to withdraw it at any time (see section below).

4. How We Use Your Information

We use your information to:

Respond to enquiries and referral requests
Process recruitment applications and manage our recruitment process
Send newsletters and service updates, where you have signed up and consented to receive them
Improve our website performance and user experience
Comply with legal and regulatory obligations
Maintain internal records
Prevent fraud and maintain the security of our systems

Automated decision-making: We do not carry out any automated decision-making or profiling in relation to the personal data we collect via this website.

We do not sell or rent your information.

5. Sharing Your Information

We may share information with:

Recruitment software providers (ATS platform, when implemented)
Our website platform provider (Squarespace), which hosts this website and its forms
IT and website hosting providers (including Squarespace, our website platform)
Brevo – our newsletter and marketing email platform, which stores subscriber names and email addresses on our behalf
Professional advisers (legal, HR, payroll)
Regulatory authorities where required by law (e.g. CQC, HMRC)

All third-party processors are required to handle data securely and in accordance with UK GDPR. We do not share your data with any third party for their own marketing purposes.

6. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law.

Typical retention periods:

Website enquiries and referral forms: up to 12 months
Newsletter subscriber data: retained while you maintain subscribed. Following unsubscription, your data will be deleted within 30 days
Unsuccessful job applications: up to 12 months
Successful applicants: 6 years after employment ends

7. Your Rights

Under UK GDPR, you have the right to:

Access your personal data (Subject Access Request)
Request correction of inaccurate data
Request erasure of your data (“right to be forgotten”), subject to any legal obligations we have to retain it
Restrict processing in certain circumstances
Object to processing based on legitimate interests
Request data portability (where processing is based on consent or contract and carried out by automated means)

Withdrawing consent: Where we process your data on the basis of consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal. To unsubscribe from our newsletter, use the unsubscribe link in any email we send you, or contact us at enquiries@abacuscaresupport.co.uk. To withdraw consent for analytics cookies, update your preferences via our cookie banner or adjust your browser settings.

8. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or misuse.

Our website is hosted on the Squarespace platform, which maintains its own security certifications. Where you submit information to us via an online form, transmission over the internet is not completely secure. Any such transmission is at your own risk, though we take all reasonable steps to protect data once received.

9. International Transfers

We do not routinely transfer personal data outside the UK.

Our website is hosted by Squarespace, which may process data on servers located outside the UK. Squarespace maintains appropriate safeguards for international data transfers in accordance with applicable data protection law. Where any other third-party system stores data outside the UK, we will ensure appropriate safeguards are in place before any transfer takes place.

10. Updates to This Policy

We may update this Privacy Notice from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised “Last Updated” date at the top of this notice.