Privacy Policy

1. Introduction

At RRG Healthcare Group Limited (“we,” “our,” or “us”), your privacy and the security of your personal data are of the utmost importance. This Privacy Policy outlines how we collect, use, disclose, and protect personal information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

This policy applies to all employees, job applicants, clients, suppliers, patients, healthcare professionals, and any other individuals whose personal data we process. By engaging with RRG Healthcare Group Limited, you consent to the collection, use, and processing of your personal data as described in this policy.

2. Information We Collect

We collect and process personal data in various forms to ensure we meet our staffing and healthcare service requirements. The personal data we collect may include, but is not limited to:

2.1 Personal Information

• Full name
• Date of birth
• Contact details (address, phone number, email)
• National Insurance number
• Passport or other identification details
• Work permit or visa status
• Emergency contact details

2.2 Employment and Recruitment Information

• CVs, employment history, qualifications, and certifications
• References and background checks
• Payroll and banking details
• Right to work documentation
• Training records, performance evaluations, and certifications (e.g., nursing, healthcare assistant)
• Job application forms and interview notes

2.3 Healthcare-Specific Data

• Health information, including pre-employment health checks, medical assessments, and workplace safety documentation
• Vaccination status and health screening results (where applicable)
• Criminal background checks (for roles requiring direct patient interaction or sensitive work)

2.4 Website and Communication Data

• IP address and device information
• Browsing behavior on our website
• Cookies and tracking technologies
• Email correspondence and communication logs

3. How We Collect Data

We collect personal data through various methods:

• Directly from individuals when they apply for jobs, use our services, or communicate with us.
• From third-party references, background checks, regulatory bodies, or publicly available sources.
• Through our website, job portals, recruitment platforms, and patient referral systems.

4. Purpose of Processing Personal Data

RRG Healthcare Group Limited processes personal data for the following purposes:

• Recruitment and Employment: To assess job applications, verify qualifications, and manage employment contracts, including the onboarding process.
• Patient Care and Healthcare Services: To deliver healthcare services, including patient consultations, treatments, and follow-ups.
• Business Operations: To provide healthcare staffing services to clients and ensure the proper functioning of our healthcare services.
• Legal and Compliance: To comply with immigration, healthcare regulations, tax laws, and other legal requirements, including Care Quality Commission (CQC) standards and relevant healthcare legislation.
• Security and Fraud Prevention: To prevent unauthorized access, fraud, and other security threats.
• Marketing (if applicable): To send promotional materials, updates, and newsletters (only with consent).
• Training and Development: To manage and document professional development activities for employees.

5. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

• Contractual Obligation: When processing is necessary to fulfill employment contracts, service agreements, or patient care agreements.
• Legal Compliance: To meet healthcare, employment, and regulatory requirements (e.g., CQC standards, NHS regulations).
• Legitimate Interests: To manage our business operations, improve services, and ensure healthcare delivery and safety.
• Consent: When explicit consent is required, such as for marketing communications or healthcare-specific data collection.

6. Data Sharing and Disclosure

We may share personal data with:

• Clients and Employers: For job placements, healthcare services, and employment contracts.
• Service Providers: Such as payroll processors, IT support, background check agencies, and healthcare supply partners.
• Regulatory Authorities: Including the Care Quality Commission (CQC), HMRC, Home Office, and law enforcement, if required by law.
• Healthcare Partners: Medical institutions, hospitals, or clinics that may be involved in patient care or professional collaboration.
• Business Partners: Where necessary for the provision of services, such as third-party healthcare systems or insurance providers.

We do not sell or rent personal data to third parties.

7. Data Storage and Retention

• Personal data is securely stored on encrypted systems and protected against unauthorized access.
• We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.
• When data is no longer required, it is securely deleted or anonymized in compliance with relevant data retention policies and regulations.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption and Secure Data Storage: To safeguard personal data both in transit and at rest.
• Access Controls and Authentication Measures: Ensuring that only authorized personnel can access sensitive data.
• Regular Audits and Security Assessments: To assess vulnerabilities and implement necessary security updates.

9. Your Rights

Under the UK GDPR, individuals have the following rights:

• Right to Access: Request a copy of your personal data and information about how it is processed.
• Right to Rectification: Request corrections to inaccurate or incomplete data.
• Right to Erasure: Request deletion of personal data in certain circumstances (e.g., when data is no longer needed or consent is withdrawn).
• Right to Restriction: Request a limitation on how we process your data in specific circumstances.
• Right to Data Portability: Request the transfer of your personal data to another service provider in a structured, commonly used format.
• Right to Object: Object to the processing of personal data based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Withdraw consent for processing at any time, where applicable, such as for marketing or special category data.

To exercise these rights, please contact us using the details below.

10. Cookies and Website Tracking

Our website uses cookies and tracking technologies to enhance the user experience, including for analytics and personalized content. You can manage your cookie preferences through your browser settings. For more information, please review our Cookie Policy (if applicable).

11. Third-Party Links

Our website may contain links to third-party websites, applications, or services. We are not responsible for the privacy policies or practices of these third parties. We recommend reviewing the privacy policies of any third-party sites linked from our website.

12. Updates to this Policy

RRG Healthcare Group Limited may update this Privacy Policy from time to time. Any changes will be posted on our website, and the updated date will be indicated. We encourage you to review this policy periodically to stay informed about how we are protecting your personal data.

Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data practices, or if you wish to exercise any of your rights, please contact us at:

Thank you for trusting RRG Healthcare Group Limited with your personal data. We are committed to protecting your privacy and ensuring the safe handling of your information.