Privacy Policy

1. Introduction

Carionex Ltd ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

We are registered with the Information Commissioner's Office (ICO) and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

We collect information in several ways:

2.1 Information You Provide

• Account information (name, email, phone number)
• Company information (agency name, address, CQC registration)
• Staff information (employment details, qualifications, certifications)
• Client information (care plans, contact details, health information)

2.2 Information Collected Automatically

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent)
• Location data (GPS coordinates during clock-in/out, with consent)

3. How We Use Your Information

We use your information to:

• Provide and maintain our platform services
• Process shift scheduling and time tracking
• Generate payroll and invoicing reports
• Ensure compliance with CQC regulations
• Send important service updates and notifications
• Improve our platform and develop new features
• Respond to your enquiries and support requests

4. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers who assist in operating our platform (hosting, payment processing)
• Regulatory bodies when required by law (CQC, HMRC)
• Your care agency (for staff using the platform)
• Third parties with your explicit consent

5. Data Security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit and at rest, regular security assessments, access controls, and staff training. However, no method of transmission over the internet is 100% secure.

6. Data Retention

We retain your data for as long as necessary to provide our services and comply with legal obligations. Care records are retained for a minimum of 8 years in accordance with CQC requirements. You may request deletion of your data subject to these obligations.

7. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data (subject to legal requirements)
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent at any time

8. Cookies

We use essential cookies to operate our platform and optional analytics cookies to improve our services. You can manage cookie preferences in your browser settings.

9. Contact Us

For privacy-related enquiries or to exercise your rights, contact our Data Protection Officer: