Privacy Policy

Care Control Systems Limited (“We”) are committed to protecting and respecting your privacy. This privacy policy (together with our terms of use, cookie policy and any other documents referred to therein) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For collecting data covered by The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) the Data Controller is Care Control Systems.

Information We May Collect from You

We may collect and process the following data about you:

Information that you provide by filling in an enquiry form on our site. We will use this information to send answers to your enquiries only. We may also ask for further information if you are reporting problems with our website. This will be stored: on our email system. You have the right to withdraw consent at any time by asking us to delete these emails.

Information that you provide by registering to use our site, subscribing to our service, posting material or requesting further services. This will be stored: on the WordPress database, or mailing list. You have the right to withdraw consent at any time by deleting your account.

Details of transactions you carry out through our site and of the fulfilment of your orders. This will be stored: on the WordPress database and our email system. You have the right to withdraw consent at any time, deleting your account will leave the order in place but your contact details will be deleted.
If you contact us by email, we will keep a record of that correspondence. This will be stored: on our email system. You have the right to withdraw consent at any time by asking us to delete these mails.

Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access. This will be stored: on our Google Analytics account – see our Cookie Policy for further information.

IP Addresses

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.


Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

Where We Store Your Personal Data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Union (“EU”). It may also be processed by staff operating outside the EU who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our servers (see above: Information we may collect from you). Any payment transactions will be encrypted using SSL technology, and processed by an external payment processor i.e. PayPal, Stripe or other. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Uses Made of the Information

We use information held about you in the following ways:

  • To reply to your enquiries.
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
  • To allow you to participate in interactive features of our service, when you choose to do so.
    If you are an existing customer, we will contact you by phone, e-mail or SMS with information about goods and services like those which were the subject of a previous sale to you. You have the right to withdraw consent at any time.

Disclosure of Your Information

We may disclose your personal information to members of our company, which means our parent company, its subsidiaries and colleagues where appropriate.

Your Rights

You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us using our usual methods.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

If you believe that we have done something wrong by not complying with GDPR please contact us in the first instance to make a complaint for which we aim to resolve. Should you not be happy with this resolution, you do have the right to lodge a complaint with the supervisory authority, the Information Commissioner’s Office.

Access to Information

GDPR gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £5 to meet our costs in providing you with details of the information we hold about you.

Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page.


Phone Recording Policy 

This policy outlines Care Control Systems LTDs call recording process. The purpose of call recording is to provide a record of incoming and outgoing calls which can: 1. Identify practice staff training needs 2. Protect practice staff from nuisance and abusive calls 3. Establish facts relating to incoming/outgoing calls made (e.g. complaints) 4. Identify any issues in Care Control’s processes with a view to improving them.


The purpose of this policy is to ensure that call recording is managed in line with GDPR and Data retention requirements. This will generally involve the recording of telephone conversations which is subject to the Telecommunications Act 1984.


This policy applies to all Care Control Staff including any contracted or temporary workers. All calls via the telephone systems used by Care Control Systems will be recorded, including:

  1. All external incoming calls
  2. All external outgoing calls made by Care Control Staff
  3. All external call transfers

The recording will automatically stop when a Care Control staff member terminates the call.

Call playback and Monitoring

All call recordings will be undertaken by the Managing Director. Any playback of the recording will take place in a private setting and where applicable, staff members should be given the opportunity to listen to relevant recordings to receive feedback and developmental support.

All recordings will be stored securely by Care Controls phone providers 8 X 8. Access to these call recordings will be controlled by the Managing Director or in his absence Head of Operations .


The Data Protection Act allows access to information that is held about an individual and their personal data. This included recorded telephone calls.

Requests for copies of telephone conversations can be made under the Data Protection Act as a “Subject Access Request”. After assessing whether the information can be released, the requestor can be invited to Care Controls HQ to head the recording. The right to be forgotten does not override legal and compliance obligations.




Subject Access Request (SAR)

Subject Access Request (SAR) is a mechanism provided by data protection laws that allows individuals to request access to the personal data held about them by an organization.


To make a Subject Access Request to Care Control Systems, follow these steps:


  1. Contact the Human Resources department or Sally Brown who is responsible for handling SARs at Care Control Systems as our designated Data Protection Officer.
  2.  Prepare your request: Compose a written request that clearly states that you are making a Subject Access Request. Include your full name, contact details, and any additional information that can help identify your records in our systems. It’s crucial to be as specific as possible about the data you are seeking access to, including relevant timeframes or specific categories of information.
  3. Submit your request: Send your SAR to the designated contact at Care Control Systems. You can typically do this through email or postal mail, depending on the contact information provided. If you choose email, ensure that your request is encrypted or sent through a secure channel to protect your personal information.
  4.  Verification of identity: Care Control Systems may require you to verify your identity before processing your request. They may ask for additional information or documentation to confirm that you are the individual to whom the requested data relates. This step is crucial to prevent unauthorised access to personal information.
  5. Processing time: Under data protection laws, Care Control Systems has up to 30 days to respond. Care Control Systems will acknowledge your request promptly and provide an estimated response time, which will be no greater than 30 days.
  6. Data disclosure: Once your request is verified and processed, Care Control Systems will provide you with the requested personal data they hold about you. This can be in the form of a secure digital file.
  7. Review and follow-up: Upon receiving the data, review it carefully to ensure accuracy and completeness. If you have any concerns or questions about the information provided, you can contact Care Control Systems for clarification or further assistance.




Questions, comments and requests regarding this privacy policy are welcomed and should be sent using our usual contact methods.