data protection policy


KCA is an ethical business which is committed to the correct handling, processing and use of any personal data which is shared with us by our customers. We recognise the highly sensitive nature of information retained about staff, carers and children in the organisations with which we work. We are committed to transparency in what personal data we collect and the purposes it is used for. This data protection policy sets out the clear principles we promise to uphold when you share data with our company.

key principles

complying with the law

KCA complies with the General Data Protection Regulations (GDPR) covering anyone processing personal data. As such we will ensure that data is:

The Data Protection Requirements are not intended to prevent the processing of personal data, but to ensure that it is done fairly and without adversely affecting the rights of the individual. In accordance with the Data Protection Requirements, KCA will only process personal data where it is required for a lawful purpose. Lawful purposes include (amongst others): processing necessary for performing a contract with the individual, for compliance with a legal obligation, or for the legitimate interest of the business.

Except in circumstances where we are required to by law, or where we feel an adult or child is at risk of significant harm and we need to communicate with statutory agencies outside of KCA, KCA will not process or share sensitive personal data without explicit consent and agreement from the person(s) involved.

We will process all personal data in line with data subjects' rights, in particular their right to:

what personal data does KCA collect and why?

It is assumed that all information shared with KCA may be recorded - we will not automatically hold 'off the record' discussions unless explicitly requested. This is in order to ensure that we have appropriate records to deliver the quality of bespoke service our customers have come to expect.

There are two general categories of personal data we collect from our customers:

our pledge to transparency

KCA wishes to make sure that our customers are in control of the personal data held on our systems about them. If you would like to make a request for any personal data KCA holds on you or from your organisation then please contact us at . We will endeavour to respond to requests as quickly as possible and in any instance within one month.

We take personal data security seriously - the KCA Board will investigate all allegations of personal data misuse immediately. If you suspect KCA of a breach of data security please contact the organisation immediately at or by calling 01453 488400.

KCA reserve the right to change this policy at any time. Where appropriate, we will notify changes by mail or email.