top of page

Privacy notice


Brighter Horizons Customer Privacy Notice

Last updated 13 July 2023

At Brighter Horizons we take seriously our responsibility to protect your personal data because your privacy is important to us.

This privacy notice sets out how we collect, use and store your data and how long it is retained.


Our contact details

Our Cheif Executive is our Data Protection Officer. If you have any questions about how we collect, use or store your data or your rights, you can contact him using the details below:

Name: Dave King

Post: Downham Community Centre, 2 Shroffold Road, Bromley, BR1 5PE

Phone: 020 8698 8858



Personal data that we collect

We define personal information as information about you or that makes you identifiable to others. This could be personal data such as your name, address, email address, contact information, financial information and lifestyle details (including opinions and intentions) relevant to the services we are providing. It might also be special category data such as information relating to your health, medical history and your treatments, both current and prescribed.

We collect personal data that you disclose to us when you contact us to discuss our care and support services through our website, by telephone, email, post, face to face or social media. We retain information from our conversations with you, and through observations we make when undertaking the care services that we provide for you. We also collect and use personal data and information about other people that contribute to or affect your care and support needs such as your next of kin, power of attorney or emergency contact.

We collect this information about you so we can:

  1. Contact you by post, email or telephone

  2. Confirm your identity when talking about personal matters

  3. Understand how we can best support you in order to provide you with the services you request from us

  4. Give you advice about services and benefits that you might benefit from

  5. Obtain your opinion about our services

If you make a donation or pay fees to us via a payment device, your debit or credit card information is held not by us but by iZettle. You can find iZettle’s privacy policy at


Data that we collect from our website

We collect device identifiers such as internet protocol (IP) addresses and information about which of our web pages you visit, the type of device you use and the software. This is used for statistical and analytical purposes to improve your customer journey and experience. Our website may also provide links to other websites which have their own privacy policies. We do not accept any responsibility or liability should you access or use these links.

Data that we collect from other sources

We obtain information about you from third parties such as social and healthcare professionals and public bodies.

By public body, we mean any organisation in the United Kingdom which delivers, commissions or reviews a public service and includes (but is not limited to) the Ombudsman, local authorities, councils, unitary authorities, clinical commissioning groups, health and social care trusts, the National Health Service as well as their arm’s length bodies and regulators.

By social or health care professional, we mean any person who provides direct services, acts as consultant or is involved in the commission of a client’s healthcare or social care services, including (but not limited to) a general practitioner (GP), dental staff, pharmacists, nurses and health visitors, clinical psychologists, dieticians, physiotherapists, occupational therapists, hospital staff, social workers and other care and support related professionals.


Sharing your personal data

We do not share your personal data with third parties for marketing purposes.

Where we have a basis in law to do so, we may share appropriate personal information with:

  1. External social and health care professionals and any individuals that you nominated as client representatives or who have a legal entitlement.

  2. Public bodies that require evidence of the Charity’s compliance with contractual obligations and to satisfy regulatory frameworks.

  3. Regulatory bodies in order to further their, or our, objectives

  4. Local safeguarding Advisory Boards (SAB) regarding issues and concerns.

  5. Service providers who are contracted to support the Charity.

  6. Statutory agencies, where we are required to or authorised by law.


How we store your personal data

Data is stored on Microsoft OneDrive and Outlook as well as in paper form. Data stored online is encrypted and access is password protected. We keep your personal data only for as long as we need it. We delete your data when you withdraw your consent or when retention is no longer necessary to accomplish the purposes for which it was processed. To this end, we regularly review the personal data that we hold.

The most common data that we keep is listed below, along with information on how long we keep it for:

Privacy Notice table.png

More information on how long we keep your information for can be found in our Document Retention Policy which is available on request.


How we keep your personal information safe

We have appropriate organisational and technical security measures to protect your personal information and limit who has access. There are also appropriate safeguards in place for data transfers to protect your privacy rights.

We have procedures in place to respond to suspected data security breaches. We will notify you and any relevant authority as part of our data risk management where we are legally obliged to.


Your rights

You have rights over the way we use your information. These include:

  • The right of access. You have the right to ask us for copies of your personal information.

  • The right of rectification. You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

  • Your right to erasure. You have the right to ask us to erase your personal information in certain circumstances. The ‘right to be forgotten’ can be applied where there is no legal reason for us to continue to hold or use it.

  • Your right to restriction of processing. You have the right to ask us to restrict the processing of your personal information in certain circumstances.

  • Your right to object to processing. You have the right to object to the processing of your personal information in certain circumstances.

  • Your right to data portability. You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances

For detailed information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the UK General Data Protection Regulation.

You are not required to pay any charge for exercising your rights. If you make a request, we will respond to you within one month. Please contact us at: if you wish to make a request.


For more information

For a copy of our full Data Protection Policy please email: or contact us using the contact information at the top of this privacy notice


How to complain

If you have any concerns about how we use your personal information, please complain in writing to the data protection officer at the address at the top of this privacy notice.

You can also complain to the Information Commissioners Office (ICO) if you are unhappy with how we have used your data.

The ICO’s address is:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF

Helpline number: 0303 123 1113
ICO website:

bottom of page