Free Carer Chat Room

For family & in-home caregivers. Share experiences, ask questions, find practical wisdom.

CarerView LogoCarerView
Go to Home

Privacy Policy

This Privacy Policy explains how CarerView (operated by GrifDigi Ltd) collects, uses, stores, and protects your personal data when you use our service. It is issued in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. GrifDigi Ltd acts as the data controller in respect of personal data you provide to us. If you have any questions about this policy, please contact us at CarerView@GrifDigi.com.

What We Collect

We collect the following categories of personal data: (a) Account data — your name, email address, and password when you register; (b) Care observation data — structured observations, notes, scores, and assessments you enter about the person in your care; (c) Team and profile data — information you provide about caregivers and care recipients associated with your account; (d) Usage and technical data — IP address, browser type, device identifiers, and log data collected automatically to operate and improve the service. Our lawful bases for processing are: performance of a contract (providing you the service you signed up for); legitimate interests (maintaining service security and preventing fraud); and, where health-related care data is entered, your explicit consent as required under Article 9 UK GDPR.

How We Use Your Data

We use your personal data to: (a) create and manage your account and authenticate your identity; (b) deliver the CarerView service, including storing and displaying your care observations; (c) send transactional communications such as account confirmations, password resets, and subscription notifications; (d) process payments securely through our payment processor, Stripe; (e) monitor and improve service performance, diagnose technical issues, and develop new features; (f) comply with our legal obligations, including responding to lawful requests from regulators or law enforcement authorities. We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

Data Storage and Security

Your data is stored on infrastructure provided by Supabase, Inc., hosted on Amazon Web Services (AWS) data centres located within the European Economic Area and the United Kingdom. All data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256. Access to personal data is restricted to authorised personnel on a need-to-know basis and protected by multi-factor authentication. We maintain appropriate technical and organisational measures to protect against unauthorised access, accidental loss, destruction, or alteration. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach and will communicate the breach to you without undue delay where required by law.

Your Rights

Under UK GDPR, you have the following rights in relation to your personal data: (a) Right of access — you may request a copy of the personal data we hold about you; (b) Right to rectification — you may ask us to correct inaccurate or incomplete data; (c) Right to erasure — you may request deletion of your personal data where there is no legitimate reason for us to continue processing it; (d) Right to restriction — you may ask us to restrict processing of your data in certain circumstances; (e) Right to data portability — you may receive your personal data in a structured, commonly used, machine-readable format; (f) Right to object — you may object to processing based on our legitimate interests; (g) Rights related to automated decision-making — you have the right not to be subject to solely automated decisions that significantly affect you. To exercise any of these rights, please contact us at CarerView@GrifDigi.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data in accordance with applicable law.

Cookies

CarerView does not use tracking, advertising, or analytics cookies. We do not place any third-party cookies on your device. Strictly necessary session cookies may be set by our authentication service solely to maintain your logged-in state during an active session; these are deleted when you close your browser or sign out. No personal data is transmitted to third parties through cookies, and no cookie consent banner is required as a result of this policy.

Last updated: {date}

Questions? Reach us atCarerView@GrifDigi.com