Feedback and Complaints

At PROMIS Clinics, we take all complaints seriously and aim to resolve concerns quickly and fairly. We value feedback from service users and their families as it helps us improve our services. Below is an overview of our complaints process.

How to Make a Complaint

You can make a complaint in the following ways:

• In person (should you be accessing our residential services)
• By telephone 01619 067 695
• By email
• In writing

Contact details:

Hay Farm

Email: enquiries@promisclinics.com
Address: PROMIS Hay Farm, Hay Lane, Ham, Kent CT14 0EE

Kendrick Mews

Email: enquiries@promisclinics.com
Address: 2 Kendrick Mews, South Kensington, SW7 3HG

What Happens Next?

• You will receive an acknowledgement within one week of your complaint.
• We will investigate and aim to respond within 28 days.
• If further investigation is required, we will keep you informed throughout the process.
• You will receive a formal written response outlining our findings and any actions taken.

Who Handles Complaints?

• Complaints are handled by the PROMIS management and compliance teams. 

Escalation Process

If you are not satisfied with our response, you may escalate your complaint to external bodies:

• Local Government Ombudsman (LGO) – for independent review
  Tel: 0300 061 0614
  Email: advice@lgo.org.uk
  Website: www.lgo.org.uk
• Care Quality Commission (CQC) – to provide feedback on our services
  Tel: 03000 616161
  Address: CQC, Citygate, Gallowgate, Newcastle upon Tyne, NE1 4PA

Additional Information

• Complaints should be made within 12 months of the issue occurring.
• All complaints are recorded and reviewed regularly to improve our services.
• If you need help making a complaint, we can assist you in contacting an independent advocacy service.
• Where concerns raise serious issues, these will be managed in line with our safeguarding, governance, and employment procedures.

We are committed to providing the highest standard of care and ensuring that all concerns are addressed effectively and transparently.

Confidentiality Policy at PROMIS Clinics

At PROMIS Clinics, we are committed to maintaining the confidentiality of all personal information belonging to our service users and staff. Our policy ensures compliance with the UK GDPR, Data Protection Act 2018, and the Human Rights Act 1998, safeguarding privacy, promoting trust, and ensuring information is handled lawfully, fairly, and transparently.

Key Principles of Confidentiality

PROMIS Clinics adhere to the following principles when handling personal data:

1. Lawfulness, fairness, and transparency—information is handled in compliance with the law.
2. Purpose limitation: data is only used for its intended purpose.
3. Data minimisation: only necessary information is collected and processed.
4. Accuracy: data is kept up to date and correct.
5. Storage limitation: data is not retained longer than necessary.
6. Integrity and confidentiality (security): information is protected against unauthorised access.
7. Accountability: Staff ensure compliance with confidentiality policies.

Confidentiality Guidelines

• PROMIS ensures all personal information must be treated with the strictest confidence.
• Information is only to be used for the purpose for which it was provided.
• No Personal information is not shared without your consent unless there is a lawful basis to do so, such as safeguarding concerns or statutory obligations.
• Your data is not shared with family members without prior written consent, documented using the PROMIS Release of Information form.
• Unauthorised access to records is strictly prohibited.
• Physical and electronic records must be securely stored and disposed of appropriately.

Exceptions to Confidentiality

• Confidentiality may be breached where there is a lawful basis to do so, including:
• Where information indicates a serious risk to your safety or the safety of others
• Where disclosure is required to meet safeguarding responsibilities
• Where there is a legal obligation to disclose information, including in relation to criminal activity.
• Where a statutory or regulatory body, such as the Care Quality Commission (CQC), has a lawful right of access

Training and Compliance

• All staff working at PROMIS receive training in confidentiality and record keeping.
• Data storage and systems are subject to regular auditing, and practice is reviewed regularly.
• Weekly management meetings review confidentiality incidents to improve practices.
• Any breaches of confidentiality are investigated, with corrective actions implemented as required.

Should you wish to contact us for any matter relating to confidentiality, please email us at enquiries@promisclinics.com

Privacy Policy at PROMIS Clinics

We respect the privacy of all our users and therefore collect and store only the data we require to provide our services to you, and ensure is stored in a safe manner ensuring your privacy.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Contact Information

You may contact us via contact forms on this site or by phoning us directly via the numbers published on this site. We will collect your name, email and/or a phone number so we can get in touch with you, as well as any other contextual information provided by you so that we can advise you accordingly about the services we provide and how they may help you.

Analytics

Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

We use Google Analytics to help us understand how our customers use the site — you can read more about how Google uses your Personal Information. You can also opt-out of Google Analytics here.

We also use JetPack statistics to monitor site usage;you can see Automattic’s privacy policy.

Who we share your data with

We do not and will never sell or transfer your data for reasons other than providing you with a better service on our own websites whilst maintaining your privacy and security. All third party services adhere to strict security and privacy policies which are also in accordance with UK GDPR and applicable data protection legislation. We use various services in order to achieve this including:

• Hosting services for storing and serving information related to this website.
• Analytics services for monitoring site usage.
• CRM software for managing communication via email or phone between ourselves and those contacting us for information about our services.
• Email Services for sending and storing email communication.

How long we retain your data

Comments and associated metadata are retained indefinitely unless removal is requested, to support moderation and continuity of discussion.

When you contact us, we will retain data concerning our communication until you ask us not to, in order to provide a better service should you contact us again.

What rights you have over your data

If you have previously left comments on our blog or gotten in touch with us directly, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

You can request this information or for your information to be erased by contacting us here.

How we protect your data and what data breach procedures we have in place

We protect customer data with the following site features:

• We are entirely using SSL/HTTPS throughout all our sites. This encrypts our user communications with the servers so personal identifiable information is never captured by third parties without authorisation.
• We use firewalls and malware scanners to prevent unauthorised access to your data.
• Databases are sanitised (actual user personal details are removed) before deploying to a development or testing environment.

In case of a data breach, system administrators will immediately go through affected users and will attempt to reset passwords if needed after informing the user.