Care Direct Technology Ltd (“We”) are committed to protecting and respecting your privacy.

 For the purpose of the Data Protection Act 2018 (“the Act”), the data controller is Care Direct Technology Ltd, 35 The Balcony, Castle Arcade, Cardiff CF10 1 BY, UK (registration number 12064619).

This policy together with our Product Terms of Use and any other documents referred to in it, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. We handle data in accordance with GDPR regulations.

This policy only applies to the Care Direct app for any operating system platform or device on which it is installed (“the App”). If you leave the App via a link or otherwise and go to a different website, you will be subject to the privacy policy of that website and we do not accept any responsibility or liability for those policies. This Privacy Policy therefore only relates to the App itself.

Information we collect about you

The Care Direct app collects personally identifiable information (PII) from you solely to operate the Service as described in the “How we use your data” section. We will not pass your personally identifiable information onto any third parties.

The Service enables an individual (a ‘carer’) to access the data of another individual (‘the user’), who has given their consent for them to act as their care provider. To facilitate this, the Service may collect personally identifiable information from both the carer and the user. To provide support in line with the features of our other products, such as our Smartwatch and Smarthub, we also access (but do not collect) your device location, if you have enabled this for the app on your device. Your location is only needed to set up the geofenced zone for the Smartwatch user. Other than this, your location data will not be accessed.

Information we collect when you use the app

• Email address
• First and last names
• Language
• Phone number/ alternative phone number
• Your role (whether you are a carer, family member or user)
• Phone model, hardware and operating system
• Any photos uploaded by you
• Firebase ID
• Chats between users. These are encrypted so the message content cannot be read. These are stored in our secure servers.
• Cameras access logs, i.e. who accessed the camera and when
• Video call logs
• Alerts and sensor data*
• Steps, Heart Rate and all data related to the Smart Watch*

* Where used in conjunction with the App

Location data

We do not collect or store your geolocation data from your device and can only access it after you explicitly give your permission. We use your location data in the following ways:

• Your location as a basis for setting a geofenced zone (optional) – if you give your consent, we access your location only while you’re using the geofence setting part the app so that we can show you a likely area (i.e. nearby) you may want to set as an ‘allowed’ area for the user to go using a mapping tool.

When you first use this part of the Service, you will be asked for permission to use your location. If permission is granted, your location will be used solely for the purpose of setting geofenced zones. This permission is remembered so that you don’t have to expressly grant permission for us to access your location each time you wish to change the geofenced area.

Opting-out

You can easily opt out of sharing your location data at any time by updating the Settings on your device for this app.

How we use your data

Data is collated to create user profiles, enabling us to ensure that only carers and family members approved by the user can access their data from the Care Direct products they are using e.g. sensors, watch, hub etc.

We will only use your data for the following purposes:

• To create a user profile which is unique to you
• To safeguard users by only allowing authorised personnel to access their data.
• To provide technical support and to respond to your enquiries
• To communicate about new features of the Service
• To prevent fraud or illegal activities
• To improve the Service, your experience and the wider understanding of care in the community

How we share your user information

Your information is aggregated into non-identifiable information and shared with selected specialist academics. We do not provide any personally identifiable information to any other third parties for any reason.

How we protect your information

We maintain safeguards designed to protect the information that we collect about you, against accidental or unauthorized access or disclosure.

Where your information is stored

Data is stored on secure AWS servers in accordance with any local regulations. All personally identifiable information is deleted from our servers after 13 months. The data that we collect from you may be transferred to, and stored at, a destination outside the EU. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers.

Disclosure of your information

We may disclose your personal information to third parties only in the following situations:

• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Your rights

You may stop using the Service at any time by uninstalling the Care Direct app. Subject to applicable law, we can provide you with the personally identifiable information we have retained, with the ability to review, correct, update or delete the information. Access requests will be dealt with in line with the Information Commissioner’s Office guidelines. Subject to applicable law, we may limit or deny access to your information where providing such access is unreasonably arduous or expensive.

You have the right to be ‘forgotten’ from this system and to request that your personal data held in the System shall be erased. To exercise this right please contact us at the address specified in the “How to contact us” section of this policy identifying yourself with the email address with which you signed in to the App, or the MAC address of your device. Upon receiving such a request, we shall process that request if it is valid and confirm the requested action has been taken within 10 working days.

Updates to this policy

This privacy policy may be updated periodically, to reflect changes in our practices or any other purpose. Should the policy be updated, you will be prompted to accept these changes the next time you launch the app.

How to contact us

If you have any comments, concerns or questions about this policy, please email support@caredirect.tech . You may also write to us: Care Direct Technology Ltd, 35 The Balcony, Castle Arcade, Cardiff CF10 1DD.