Privacy Policy

Effective date: 8 March 2026

1. Introduction

Care Connect ("we", "our", "us") operates the Care Connect Mobile application (the "App"). The App is a business-to-business (B2B) tool provided to care companies to help manage their care operations. It is not intended for public consumer use.

This Privacy Policy explains how we collect, use, and protect the personal information of authorised staff members who access the App through their employer organisation.

2. Information We Collect

The App collects only the information necessary for authentication and core functionality:

Login Credentials: Username and password used to authenticate via your employer's account system (AWS Cognito). We do not store passwords on your device — only secure authentication tokens.
User Profile: Your name and staff role as provided by your employer organisation.

All other data displayed in the App (shifts, service users, medication records, care notes) belongs to and is managed by your employer organisation. We process this data on their behalf to enable the App's functionality.

3. How We Use Your Information

Your login information is used solely to:

Authenticate your identity and grant access to the App.
Retrieve your assigned shifts and relevant care data from your employer's system.
Maintain a secure session so you do not need to re-enter credentials on every use.

We do not use your information for advertising, profiling, analytics, or any purpose unrelated to the core operation of the App.

4. Data Storage and Security

All data is transmitted over encrypted HTTPS connections.
Authentication tokens are stored securely on your device using platform-provided secure storage (Android Keystore / iOS Keychain).
Limited data may be cached locally on your device for offline access. This cached data is not accessible to other applications.
Server-side infrastructure is hosted on Amazon Web Services (AWS) with industry-standard security controls.

5. Data Sharing

We do not sell, trade, or share your personal information with third parties. Your data is only accessible to:

Your Employer: The care company that provides you access to the App. They are the data controller for all care-related information.
Infrastructure Providers: AWS provides cloud hosting and authentication services.
Legal Obligations: We may disclose information if required by law, regulation, or legal process.

6. Data Retention

Your login credentials and session data are retained on your device only while your account is active. When you sign out, authentication tokens are removed from your device. Locally cached data is cleared when you sign out or uninstall the App.

Server-side account data is managed by your employer organisation and retained in accordance with their data retention policies and applicable care sector regulations.

7. Your Rights

As the App is provided through your employer, requests regarding your personal data should be directed to your employer organisation in the first instance. You have the right to:

Access your personal data.
Correct inaccurate personal data.
Request deletion of your account (subject to your employer's policies and regulatory retention requirements).

You may also contact us directly using the details below.

8. Children's Privacy

The App is a professional business tool intended for authorised care workers aged 18 and over. We do not knowingly collect information from children under 18.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of the App after changes constitutes acceptance of the revised policy.