Kashyap Consultancy Services Ltd is a data controller under the Data Protection Act 2018; we collect and process your personal information to determine suitable services to meet your needs. Please see below 'Why we need your information' for a complete description of the public services in which we may use your data.

We are committed to protecting and respecting your privacy. Through this Privacy Notice, we have sought to be as transparent as possible to explain fully how your data is held and processed.

This Privacy Notice explains when and why we collect personal information about people who engage or get in touch with us, whether via applying or receiving our services or accessing our website. Upon visiting our websites, we will use third-party service providers to collect technical information from your device, including standard internet log information such as the Internet Protocol (IP) address, browser type and version, and specific page interaction information.

This notice explains how we collect, use, and share your information, how long we keep it, and how we keep it secure.

Each service we provide, or you engage with also has its Privacy Notice to explain in more detail how they use your information and its legal basis.

We may change this Privacy Notice occasionally, so please check this page regularly to ensure you're happy with any changes.

Any questions regarding our privacy practices should be sent by email to:info@kashyapconsultancy.com

We may collect various types of personal data about individuals depending on the services you receive and your contact with us, such as your:

We may also collect sensitive personal data that may include:

We may also record and monitor telephone calls to our Contact Centre for quality and training purposes.

Upon visiting our website, cookies collect information about website usage.

You can see more information on how we collect web usage information on our Cookies page.

We need your data to provide you with services you apply for or receive from us and where we must use the information to meet our obligations. We will only collect necessary personal data; any information we collect about you will be strictly by the Data Protection legislation and other statutory obligations.

At Kashyap Consultancy Services Ltd, we take great care in processing your information to assess your needs under the Care Act. We aim to identify the most suitable services to meet your needs. Please note that we collect data only for this purpose and will share it with the Local authority where you live or pay your council tax if you are deemed eligible under the Care Act and authorised by the Local Authority. We will also pass your information on to caregivers. Rest assured that we will inform you of any additional purposes or uses when the data is collected or used.

To determine your needs, we collect, process, and share personal or sensitive personal information with our partners, such as the NHS, Local Authority, and Domiciliary Care providers, once you or your legal power of Attorney (LPA) consent. For the following purposes:

We may also share your information with our partners to deliver or provide the services you agreed to receive. We may share with:

In most cases, this will be done where there is a lawful basis under the conditions set out in the Data Protection Legislation.

We may also share your information with third-party service providers working on our behalf to complete tasks and provide services to you on our behalf (for example, Payroll providers). However, when we use third-party service providers, we disclose only the personal information necessary to deliver the service. We have a contract that requires them to keep your information secure, as required by the Data Protection Act 2018 and General Data Protection Regulation (UK GDPR), and not use it for other purposes.

We will never use or share your personal information with third parties without your permission for marketing purposes.

We review our retention periods of the information we hold about you regularly. Your personal information is on our systems for as long as necessary.

We always act upon your choices around what type of communications you want and how you wish to receive them. Where you have signed up for one of our newsletters, we use email newsletters to inform you of what we're doing, news and events.

You have a choice about whether you wish to receive information from us. If you no longer want to receive our e-newsletters, you can do this by clicking the unsubscribe link on every email.

We may analyse your personal information to improve services and for the following purposes:

We use profiling to analyse unique aspects of a person's data, including their economic and health situation, reliability, personal preferences, and interests. Automated decision-making is the process of making decisions without human review.

Any information held by Kashyap Consultancy Services Ltd about individuals is stored securely and in compliance with the Data Protection Act 2018 and GDPR.

We are committed to protecting our registered user's data. We have implemented measures to ensure that our staff, service providers, partners and suppliers look after your information in line with good practice and the law. These follow the rules and procedures known as Information Governance (IG).

The information security measures we've put in place include:

The accuracy of your information is important to us so we can provide relevant services more quickly. If you change your address or email address, or if any of your circumstances change or any of the other information we hold is out of date, please inform the service you are receiving services from.

The UK GDPR provides the following rights for individuals:

1. The right to be informed

Individuals have the right to be informed about collecting and using their data. This is an essential transparency requirement under the UK GDPR. This 'privacy information' includes our purposes for processing your data, our retention periods for that personal data, and who it will be shared with. We must provide privacy information to individuals when we collect their data.

2. The right of access

Individuals can access and receive a copy of their data and other supplementary information. This is commonly called a subject access request or 'SAR'. Individuals can make SARs verbally or in writing.

3. The right to rectification

The UK GDPR includes a right for individuals to have inaccurate personal data rectified or completed if it is incomplete. An individual can request rectification verbally or in writing. In certain circumstances, we can refuse a request for rectification. This right is closely linked to the controller's obligations under the accuracy principle of the UK GDPR (Article (5)(1)(d)).

4. The right to erase

The UK GDPR introduces a right for individuals to have personal data erased. The right to erasure is also known as 'the right to be forgotten'. The right is not absolute and only applies in certain circumstances. Individuals can make an erasure request verbally or in writing.

5. The right to restrict processing

Individuals have the right to request the restriction or suppression of their data. This is not an absolute right and only applies in certain circumstances. When processing is restricted, we can store personal data but not use it. An individual can request restriction verbally or in writing.

6. The right to data portability

The right to data portability allows individuals to obtain and reuse data across different services. It will enable them to move, copy, or transfer personal data from one IT environment to another safely and securely without affecting its usability. Doing this allows individuals to use applications and services that can use this data to find a better deal or help them understand their spending habits. The right only applies to information an individual has provided to a controller.

7. The right to object

The UK GDPR gives individuals the right to object to the processing of their data in certain circumstances. Individuals have an absolute right to stop their data from being used for direct marketing. An individual can object verbally or in writing. You may be unable to object to your information being used, held, or shared under certain circumstances. For example, where must we safeguard a vulnerable adult or a child, where must we prevent and detect crime, or where are we required to fulfil our statutory obligations?

8. Rights about automated decision-making and profiling.

The UK GDPR has provisions for:

Article 22 of the UK GDPR has additional rules to protect individuals if they carry out solely automated decision-making with legal or similarly significant effects on them.

Where you would like to exercise your information rights or require any more information about your rights, please contact: Data Protection Officer: info@kashyapconsultancy.com

The Information Commissioner is the UK's independent body that upholds information rights.

If you want to know more about your rights under the Data Protection law and what you should expect from us,

visit the Information Commissioner's website. If you have any concerns regarding our privacy practices or about exercising your Data Protection rights, you may contact the Information Commissioner's Office:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
0303 123 1113 or 01625 545 745
casework@ico.org.uk

The terms of this Privacy Notice may change, so please recheck periodically.
Last modified on January 12, 2025