CareMate — Privacy Policy

1. Data Controller

Entity: DemandPR Ltd t/a CareMate
Registered Office: Suite G04, 1Quality Court, Chancery Lane, London, WC2A 1HR
Email Contact: privacy@caremate.app
Applicable Laws: UK GDPR, Data Protection Act 2018, Nigeria Data Protection Regulation (NDPR), and other relevant regulations.

2. Information We Collect

2.1 From Clients (Families Abroad):

Personal details: Name, email, phone number, address.
Payment information (processed via Stripe).
Subscription and booking history.
Communication records with caregivers.

2.2 From Care Recipients (Elderly Loved Ones):

Personal details: Name, age, gender, address.
Health information (medical history, medications, vaccination records, conditions).
Care reports and progress notes.

2.3 From Care Providers (Caregivers):

Personal details: Name, contact info, address.
ID and verification documents.
Qualifications, licenses, and certifications.
Criminal background checks (e.g., DBS or local equivalents).
Insurance information.
Work history and references.

2.4 Automatically Collected Data:

Device information (model, OS, identifiers).
IP address, geolocation (where enabled).
Cookies and usage analytics.

3. Special Category Data

We process sensitive data such as:

Health Data – only with explicit consent, for care coordination.
Criminal Conviction Data – for background checks on caregivers, required for safety.

Legal bases: explicit consent, performance of contract, and compliance with legal obligations.

4. How We Use Your Data

Provide and improve CareMate services.
Facilitate caregiver onboarding, verification, and matching.
Process payments securely through Stripe.
Enable communication between families and caregivers.
Generate care activity logs and reports.
Comply with legal and regulatory requirements.
Prevent fraud, abuse, or unsafe behavior on the Platform.

5. Sharing Your Data

We may share data with:

Care Providers – to deliver services.
Clients – to manage bookings and ensure care.
Payment Processors (Stripe) – for secure billing.
Background Check Services – for caregiver verification.
Cloud Hosting Providers (AWS, etc.).
Regulators or Law Enforcement – where legally required.

We never sell personal data.

6. International Data Transfers

As a cross-border platform:

Data may be transferred between the UK, Nigeria, and other locations where our hosting providers operate.
Safeguards include:

Standard Contractual Clauses (SCCs).
UK GDPR adequacy mechanisms.
NDPR compliance for Nigerian data subjects.

7. Data Retention

Caregiver and Client records: 6 years after last activity.
Financial/payment records: minimum 6 years (tax law).
Health and care records: as long as required to support continuity of care and legal compliance.

8. Security Measures

Encryption (in transit and at rest).
Multi-factor authentication for staff access.
Access control and audit logs.
Regular security testing and monitoring.

No system is 100% secure, but we work to minimize risks.

9. Your Rights

Under UK GDPR and NDPR, you have the right to:

Access your data.
Correct inaccuracies.
Request deletion (where legally permissible).
Restrict or object to processing.
Data portability.
Withdraw consent at any time (for health or sensitive data).

Requests: email privacy@caremate.app.

10. Children’s Privacy

CareMate is not intended for individuals under 18. We do not knowingly collect data from minors without parental/legal guardian consent.

11. Cookies

We use cookies and similar technologies to:

Keep you logged in.
Improve app and website performance.
Analyze traffic and usage trends.

See our Cookie Policy for details.

12. Changes to this Policy

We may update this policy from time to time. We will notify users of material changes via in-app notice or email.

13. Contact Information

Email: careteam@caremateapp.com
Address: Suite G04, 1Quality Court, Chancery Lane, London, WC2A 1HR
Supervisory Authority (UK): Information Commissioner’s Office (ICO).
Supervisory Authority (Nigeria): Nigeria Data Protection Commission (NDPC).