Capegold Care is committed to protecting personal data and respecting privacy in line with United Kingdom data protection law. This policy explains how personal information is collected, used, stored, and protected in accordance with the United Kingdom General Data Protection Regulation and the Data Protection Act 2018.

Who we are
Capegold Care is a nurse led healthcare staffing agency based in Somerset, supplying healthcare professionals across England and Wales. Capegold Care acts as the data controller for personal data collected through this website and related communications.

Personal data we collect
Personal data is collected when you contact us, submit an enquiry, apply for work, or request staffing support. This includes names, contact details, employment history, availability, references, identification details required for compliance, and any information you choose to provide. Limited technical data is also collected, such as IP address, browser type, and website usage data.

How personal data is used
Personal data is used to respond to enquiries, manage recruitment and staffing services, carry out employment and compliance checks, communicate with applicants and clients, place staff into suitable roles, and meet legal and regulatory obligations within health and social care.

Lawful basis for processing
Personal data is processed under lawful bases set out in the United Kingdom General Data Protection Regulation. These include consent, contractual necessity, legal obligation, and legitimate interests linked to recruitment, employment, safeguarding, and service delivery.

Sharing personal data
Personal data is shared only where necessary and appropriate. This includes sharing with care providers for placement purposes, referees for verification, Disclosure and Barring Service providers, training providers, payroll partners, and regulatory or statutory bodies where required by law. Personal data is never sold or shared for marketing purposes.

Data storage and security
Personal data is stored securely using appropriate technical and organisational measures. Access is restricted to authorised personnel only. Data is retained only for as long as required to meet legal, regulatory, safeguarding, and operational requirements.

Your data protection rights
Under United Kingdom data protection law, you have the right to request access to personal data, request correction of inaccurate information, request erasure where legally applicable, request restriction of processing, and raise concerns about data handling. Requests are handled within statutory timeframes.

Cookies and website data
This website uses essential cookies and consent based analytics cookies. Further information is available in the Cookie Policy. Cookies do not collect sensitive personal data.

Complaints and oversight
If you have concerns about how personal data is handled, you have the right to raise a complaint with the Information Commissioner’s Office, the United Kingdom supervisory authority for data protection.

Policy updates
This Privacy Policy is reviewed regularly and updated to reflect changes in legislation or business practices. Continued use of the website confirms acceptance of the current version.

For questions relating to this policy or data protection matters, contact us using the details provided on the website.

Updated- 12 February 2026