Website Privacy Policy

1. Background

1.1

At Log my Care, your privacy is important to us and we care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits this website logmycare.co.uk (“our site”) and will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law.

1.2

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of our Privacy Policy is deemed to occur upon your first use of our site. If you do not accept and agree with this Privacy Policy, you must stop using our site immediately.

This site is not intended for children and we do not knowingly collect data relating to children.

This Privacy Policy supplements (and its terms apply in addition to) any other terms of use or other terms and conditions agreed between you and us from time to time, including but not limited to our Website Terms of Use and any SaaS Agreement you enter into with us.

1.3

In this Policy, the following terms shall have the following meanings:

Account

Means an account required to access and/or use certain areas and features of our site.

Cookie

Means a small text file placed on your computer or device by our site when you visit certain parts of our site and/or when you use certain features of our site. Details of the cookies used by our site are set out in Section 12 below and in our Cookie Policy.

Cookie law

Means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003.

Personal data

Means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to us via our site, when you sign up to our newsletters or sign up to our services. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”).

Our products

Means all software and websites created by us that have restricted access and have been designed for use by providers of social care.

We/us/our

Means LMC Software Limited, a limited company registered in England under company number 10904934. We are the controller and responsible for your personal data.

2. Information about us

2.1

Our site is owned and operated by us.

2.2

We have appointed a Data Protection Officer who is responsible for overseeing questions in relation to this Privacy Policy. Our Data Protection Officer can be contacted by email at hello@logmycare.co.uk.

3. What does this Policy cover?

3.1

This Privacy Policy applies only to your use of our site. Our site may contain links to other websites. Please note that we have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

3.2

Some services we provide to our customers may integrate Google Maps Platform APIs (such as the Distance Matrix API) to support location-based functionality within customer applications. In such cases, the use of these services is subject to the Google Terms of Service and governed by the Google Privacy Policy. We do not control these third-party services and are not responsible for their privacy statements. We encourage you to read the privacy policy of every third party website or application you visit. Any collection or processing of geolocation data is carried out solely on behalf of our customers (for the purpose of enabling customer users to track the location of carers and manage staff rostering) in our capacity as a data processor and strictly in accordance with our data processing agreements. We do not use geolocation data for our own purposes.

4. Your rights

4.1

As a data subject, you have the following rights under the GDPR, which this Policy and our use of personal data have been designed to uphold:

• The right to be informed about our collection and use of personal data.
• The right of access to the personal data we hold about you (see Section 11).
• The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details in Section 14).
• The right to be forgotten – e.g., the right to ask us to delete any personal data we hold about you (we only hold your personal data for a limited time, as explained in Section 7 but if you would like us to delete it sooner, please contact us using the details in Section 14).
• The right to restrict (e.g., prevent) the processing of your personal data.
• The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation).
• The right to object to us using your personal data for particular purposes.
• Rights with respect to automated decision making and profiling.
• The right to withdraw consent at any time where we are relying on consent to process your personal data.

4.2

If you wish to exercise any of the rights set out above or if you have any cause for complaint about our use of your personal data, please contact us using the details provided in Section 14 and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

4.3

For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

5. The information we collect

5.1

Depending upon your use of our site, we may collect some or all of the following personal and non-personal data (please also see Section 12 and our Cookie Policy on our use of cookies and similar technologies):

• Name
• Date of birth
• Gender
• Business/company name
• Job title
• Profession
• Contact information e.g., email addresses and telephone numbers
• Demographic information e.g., postcode, preferences and interests
• Financial information e.g., credit/debit card numbers
• IP address
• Web browser type and version
• Operating system
• Usage data including a list of URLs starting with a referring site, your activity on our site and the site you exit to
• Marketing data including your preferences in receiving marketing from us and our third parties and your communication preferences.

5.2

We do not collect or process any personal information from you that is considered "Sensitive Personal Information" under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.

6. How your information is used

6.1

All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the GDPR at all times. For more details on security, see Section 7 below.

6.2

Our use of your personal data will always have a lawful basis, for example because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (e.g., by subscribing to emails), or because it is in our legitimate interests. Specifically, we may use your data for the following purposes:

• Providing and managing your account
• Providing and managing your access to our site and our products
• Personalising and tailoring your experience on our site
• Supplying our products or services to you (please note that we require your personal data in order to enter into a contract with you)
• Personalising and tailoring our products or services for you
• Replying to messages from you
• Supplying you with emails that you have opted into (you can unsubscribe using the links provided in our emails)
• Analysing your use of our site and gathering feedback to enable us to continually improve our site and your user experience.

6.3

With your permission and/or where permitted by law, we may also use your data for marketing purposes, which may include contacting you by email, telephone, text message or post with information, news and offers on our products or services.

6.3.1

We will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003. We will get your express consent before we share your personal data with any third party for their own direct marketing purposes.

6.3.2

Google AdWords uses your data for the personalisation of ads in line with their Privacy & Terms Policy.

6.4

Third parties (including Google Analytics, Google AdWords, Intercom, YouTube) whose content appears on our site may use third-party cookies, as detailed below in Section 12. Please refer to Section 12 for more information on controlling cookies. Please note that we do not control the activities of such third parties, nor the data they collect and use, so advise you to check the privacy policies of any such third parties.

6.5

You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it.

7. Security, data retention and storage

7.1

We only keep your personal data for as long as we need to in order to use it as described above in Section 6, and/or for as long as we have your permission to keep it. We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Data will generally be retained for up to 6 months since your last visit to our site, unless under law we have to keep basic information about our customers for longer (including contact, identity, financial and transaction data). Generally this personal data will be kept for six years after you cease being customers for tax purposes. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

7.2

Some or all of your data may be stored outside of the European Economic Area (“the EEA” - The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). You are deemed to accept and agree to this by using our site and submitting information to us. If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR.

7.3

Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure data collected through our site and to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

7.4

We protect personal data using a combination of technical and organisational measures, including, but not limited to:

• SSL encryption of all traffic across all pages of our website to establish an encrypted link between the web servers and your browser
• AES encryption of data at rest
• Secure firewalls and intrusion detection systems
• Access controls based on the principle of least privilege
• Strong password policies and Multi-Factor-Authentication
• Annual vulnerability scanning and security monitoring
• Staff training on data protection and cybersecurity best practices
• Written procedures for managing data breaches, including mandatory reporting where required
• Audits of the above at least annually

7.5

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Sharing your information and international transfers

8.1

Except as described below, we will not share your information with any third parties.

8.2

In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority.

8.3

We may sometimes contract with third parties to supply Products and services to you on our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely and in accordance with your rights, our obligations and the obligations of the third party under the law.

8.4

We may compile statistics about the use of our site including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, affiliates, partners and advertisers. Data will only be shared and used within the bounds of the law.

8.5

We may sometimes use third-party data processors that are located outside of the EEA. Where we transfer any personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR. We will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data. Or we may use specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK, such as the International Data Transfer Agreement. To obtain a copy of these contractual safeguards, please contact us.

8.6

We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by us.

8.6.1

In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed of the changes. When contacted you will be given the choice to have your data deleted or withheld from the new owner or controller.

8.7

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

9. How you can control your data

9.1

In addition to your rights under the GDPR, set out in Section 4, when you submit personal data via our site, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details and by managing your account). If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes for example relating to service availability notifications, order confirmations, updates to our terms and conditions, and checking that your contact details are correct.

9.2

You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving (unless you withdraw that consent).

10. Your right to withhold information

10.1

You may access our site without providing any personal data at all.

10.2

You may restrict our use of cookies. For more information, see Section 12 and our Cookie Policy.

11. How to access your information

11.1

You have the right to ask for a copy of any of your personal data held by us (where such data is held). Under the GDPR, no fee is usually payable and we will provide any and all information in response to your request free of charge. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. Please contact us for more details at hello@logmycare.co.uk, or using the contact details in Section 14.

11.2

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

11.3

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

12. Our use of cookies

12.1

Our site may place and access certain first-party cookies on your computer or device. First-party cookies are those placed directly by us and are used only by us. We use cookies to facilitate and improve your experience of our site and to provide and improve our products or services. We have carefully chosen these cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.

12.2

By using our site you may also receive certain third-party cookies on your computer or device. Third-party cookies are those placed by websites, services, and/or parties other than us.

12.3

For more information about our use of cookies, please read our latest Cookie Policy.

13. Changes to this Privacy Policy

13.1

We keep our privacy policy under regular review. This version was last updated in April 2025. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new address or email address.

13.2

We may change this Privacy Policy from time to time (for example, if the law changes). Any changes will be immediately posted on our site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our site following the alterations. We recommend that you check this page regularly to keep up-to-date.

14. Contact

14.1

If you have any questions about our site or this Privacy Policy, please contact us by email at  hello@logmycare.co.uk. Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you (as under Section 11, above).