Privacy Policy

About This Policy

Carelogr is a care management platform designed for domiciliary and residential care providers in the United Kingdom. This policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using Carelogr, you agree to the practices described in this policy.

What Data We Collect

We collect and store the following categories of data:

• Staff information — names, contact details, employment records, training and compliance records
• Service user information — personal details, care plans, health conditions, medication records, risk assessments, and visit notes
• Visit and shift records — scheduled and completed visits, care activities, and handover notes
• Photos and documents — profile photos, care documents, and attachments uploaded by staff
• Login and access logs — authentication tokens, session activity, and timestamps

How We Use Your Data

Data is used solely to provide the Carelogr service to your organisation. Specifically:

• Managing care plans, risk assessments, and service user records
• Recording and reviewing staff visits and care activities
• Supporting regulatory compliance and audit trails
• Generating reports and summaries for care managers
• Providing the mobile carer app interface

We do not sell, share, or use your data for advertising or marketing purposes.

Data Security

We take the security of personal and sensitive care data seriously:

• All data is encrypted in transit using HTTPS/TLS
• Data is stored in secure cloud databases hosted in managed environments
• Access is controlled by role-based permissions and authenticated tokens
• Sensitive health data is only accessible to authorised staff within your organisation

Data Ownership

All service user and staff data belongs to the care organisation using the platform. Carelogr acts as a data processor on your behalf — you remain the data controller and are responsible for ensuring your use of the platform complies with applicable data protection laws.

Your Rights

Under UK GDPR, individuals have the right to:

• Access the personal data held about them
• Request correction of inaccurate data
• Request erasure of their data (right to be forgotten)
• Object to or restrict certain types of processing
• Data portability

To exercise any of these rights, please contact your organisation's care manager or reach out to us directly at the address below.

Data Retention

We retain data for as long as required to provide the service and meet legal obligations. Care records may be subject to specific retention requirements under CQC or NHS guidance. When an organisation ends its use of Carelogr, data can be exported or deleted on request.