Privacy Policy

1. Introduction

Find a Caregiver is committed to protecting and respecting your privacy. This notice sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.

For the purposes of data protection legislation, the data controller is Find a Caregiver. If you have any questions about this Privacy Notice or how we handle your personal information, please contact us at privacy@findacaregiver.co.uk.

2. Data Protection Principles

We will comply with data protection law. This means that the personal information we hold about you must be:

• Used lawfully, fairly and in a transparent way.
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• Relevant to the purposes we have told you about and limited only to those purposes.
• Accurate and kept up to date.
• Kept only as long as necessary for the purposes we have told you about.
• Kept securely.

3. What types of personal information do we collect?

We may collect, store, and use the following categories of personal information about you:

Identification & Contact Information

• Full name, date of birth, and gender.
• Contact details including address, email address, and telephone number.
• Identity verification documents such as passport, driving licence, or national identity card.
• Professional information including qualifications, employment history, references, and DBS check results (for carers).
• Profile information, photographs, and any other information you provide.
• Communications between you and us or other users of the platform.

Financial Information

• Bank account details for payment processing.
• Transaction history and billing records.
• Payment card details (processed securely by our payment provider).

4. How do we collect your personal information?

We collect personal information about you through various means, including:

• Direct interactions — when you register for an account, complete your profile, use our platform, or contact us.
• Automated technologies — as you interact with our website, we may automatically collect technical data such as your IP address, browser type, and pages visited using cookies and similar technologies.
• Third parties — such as identity verification providers, background check agencies, and payment processors.

5. Why and how do we use your personal information?

We will only use your personal information when the law allows us to. Most commonly we will use it in the following circumstances:

• To register you as a new user and manage your account on the platform.
• To facilitate connections between care seekers and caregivers.
• To process payments and manage billing.
• To verify your identity and carry out background checks (for carers).
• To communicate with you about your account, bookings, and our services.
• To ensure the safety and security of our platform and users.
• To comply with our legal and regulatory obligations.
• To improve and personalise your experience on the platform.
• To send you marketing communications where you have consented to receive them.

6. What if you fail to provide personal information?

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (for example, providing access to the platform or processing payments), or we may be prevented from complying with our legal obligations (such as identity verification requirements). In some cases, failure to provide information may mean we are unable to create or maintain your account.

7. Why and how do we use your sensitive personal information?

Some information we collect is classified as “special category” data under UK GDPR (also known as sensitive personal information). This may include:

• Health and medical information (relevant to care needs or a carer's fitness to work).
• Criminal records information (obtained through DBS checks for carers).

We will only process sensitive personal information where we have a lawful basis for doing so, such as your explicit consent, or where it is necessary for reasons of substantial public interest in accordance with applicable law.

8. Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

9. Who has access to your personal information?

We may share your personal information with:

• Other users of the platform, to the extent necessary to facilitate connections (e.g. a care seeker viewing a carer's profile).
• Service providers who perform services on our behalf, such as identity verification providers, background check agencies, payment processors, and IT service providers.
• Professional advisers including lawyers, bankers, auditors, and insurers.
• Regulatory authorities, law enforcement agencies, and courts where required by law.
• Prospective buyers or sellers in the event of a merger, acquisition, or sale of our business.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law.

10. How does the Company protect your personal information?

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. These include:

• Encryption of data in transit and at rest.
• Access controls limiting who can access personal information.
• Regular security assessments and penetration testing.
• Staff training on data protection and information security.
• Incident response procedures in the event of a data breach.

We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

11. For how long does the Company keep your personal information?

We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

12. Your rights in connection with your personal information

Under certain circumstances, by law you have the right to:

• Request access to your personal information (commonly known as a “data subject access request”).
• Request correction of the personal information that we hold about you.
• Request erasure of your personal information.
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party).
• Request restriction of processing of your personal information.
• Request the transfer of your personal information to you or to a third party.
• Withdraw consent at any time where we are relying on consent to process your personal information.

If you wish to exercise any of the rights set out above, please contact us at privacy@findacaregiver.co.uk. You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

13. Transferring personal information outside the EEA

We may transfer your personal information outside the UK and European Economic Area (EEA) when working with service providers located in other countries. Whenever we transfer your personal information out of the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information.
• Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal information the same protection it has in the UK.

14. Automated decision making

We may use automated decision-making processes in limited circumstances, such as matching care seekers with suitable caregivers based on criteria you provide. We do not make solely automated decisions that have a significant legal or similarly significant effect on you. You have the right to request human review of any automated decisions where required by law.