Carionex is designed with data protection at its core. We help care agencies meet their GDPR obligations while delivering excellent care.
As a provider of software to care agencies, we understand the sensitive nature of the data you handle. Carionex is built to support your compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
When you use our platform, you act as the data controllerfor your clients' and staff's personal data. Carionex acts as your data processor, processing data only on your behalf and according to your instructions.
We are registered with the Information Commissioner's Office (ICO) and maintain comprehensive technical and organisational measures to protect personal data.
We provide a comprehensive DPA that outlines our responsibilities as your data processor.
Our platform makes it easy to respond to access, rectification, and deletion requests.
All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
Role-based access ensures staff only see data relevant to their responsibilities.
Comprehensive logging of all data access and modifications for accountability.
We only collect and process data necessary for providing our services.
All data is stored on servers located within the United Kingdom.
We conduct annual security audits and data protection impact assessments.
While we provide the tools and security, as a care agency you have responsibilities under GDPR:
All Carionex customers receive a Data Processing Agreement (DPA) that clearly defines our obligations as your data processor. The DPA covers data security measures, sub-processors, breach notification procedures, and more.
Request DPACarionex includes features to help you respond to data subject requests:
Our Data Protection Officer is available to answer your questions and help ensure your agency meets its data protection obligations.