Data Protection Statement

Published on: 12/01/2022 • Last EDITED on: 12/01/2022

1. Introduction


We have designed our business and its systems from the bottom up with privacy in mind and have taken every step to comply with the Data Protection Act 1998 (the “Act”) and EU Regulation 2016/679 – the General Data Protection Regulation in effect from 25 May 2018 (“GDPR”), including working towards a Data Protection Impact Assessment (DPIA) and assigning a Data Protection Officer (DPO).


We are ICO registered with registration number ZA310961.

2. Security


All resident information you provide to us is stored using Amazon Web Services and hosted within the European Economic Area (“EEA”), as per the GDPR.


Any payment transactions and database information are encrypted using SSL technology and AES-256 (the top end of the NHS recommended standards) respectively.


Access to data is only granted with valid login credentials to users who have been given access by care providers themselves.

3. Control of data


Log my Care is strictly a Data Processor as defined in Article 28 of the GDPR. We do not own data entered into our system; this is passed on by each care provider who is classed as a Data Controller.

4. Your data compliance


As a care provider you are a Data Controller and should, by law, carry out a Data Protection Impact Assessment (DPIA). Essentially, it’s a risk assessment of what could go wrong in the cyber world.

Want to know more?


See our partners

Proud to care

Learn more

Refer us

Learn more


Learn more
By clicking 'Accept', you agree to the storing of cookies on your device to enhance site navigation, analyse site usage and assist in our marketing efforts. View our Cookie Policy for more information.