Privacy Policy

Effective: July, 2019

Who are we?

We are Birdie Care Services Ltd, registered at Companies House under number 10863579.

We are based at:

St James House, 13 Kensington Square, London, United Kingdom, W8 5HD

Our Data Protection Officer can be reached by emailing dpo@birdie.care.

Birdie Care Services plays a dual role when it comes to processing. In some situations, we act as a Controller, in others we are the Processor. When we are a Processor of personal data, we are doing so purely on the instruction of another company (the Controller). If you are a patient or healthcare professional, then that company is likely to be the care provider. To find out more about how your data is protected by them, you should contact them directly.

We are registered with the ICO as a fee payer because we have chosen to appoint a Data Protection Officer. We have a Data Protection Officer because we process a lot of sensitive data on behalf of other companies and we want to ensure that we are protecting your rights and freedoms at all times, in the course of our day to day activities.

Birdie Care Services, does on occasion, act as a Controller. This is only for the data that we process for our day to day internal business operations, as well any technical data that is collected by our app.

We only collect the data that we need to carry out a task and do not keep data longer than is necessary. We delete data when it is no longer required for the purpose that we collected it.

This privacy notice refers to the data we process as a Controller only.

We are happy to talk to you about how we process and protect data, just email us dpo@birdie.care.

Tell me more…

To see more about how we use your personal data, read the notice or notices which apply best to your relationship with us:

I am an employee of Birdie Care Services Ltd

I am a corporate client (Care Agency)

I am a potential corporate client (Care Agency)

I am just browsing your website

I am an app user

I am an investor

Corporate Client Privacy Notice

Data that we hold and how we use it

As a corporate client, we hold the contact and payment details required to carry out our contract with you, manage our relationship and keep you up to date with changes and improvements to our services. This data would have been sourced from you directly.

Lawful basis for processing

Our lawful basis for processing your data is a combination of Contract and Legitimate Interest. We use legitimate interest when we use your data to keep you up to date with changes and improvements to our goods and services. Results of a legitimate interest balancing test indicate that this use is pursuing a legitimate interest, is necessary for the purpose of keeping you updated and growing our business, and unlikely to cause you risk or harm. 

Data Sharing and Transfers

Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.

We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.

Retention Periods

We hold data on Corporate Clients for the length of time that you are a client of ours, then another 7 years in case of any dispute.

Technical and Operational Security

All data is password protected, access controlled, backed up securely and encrypted when appropriate.

All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.

Data Privacy by Design and Default is an integral part of our development processes.

All devices are protected by a leading enterprise mobility management technology

Your Rights

You have rights in respect of our processing of your personal data. The relevant rights are:

  • Request a copy of your personal data and information about our processing of it
  • Request that we delete information on you, if we do not need to hold it
  • Request that we correct any personal data that we hold on you
  • Request that we stop processing your data, although we can still hold it
  • Request that we move your data to another organisation’s IT system electronically, in some circumstances
  • Request that we suppress your data for marketing purposes
  • If we have used consent as our lawful basis for processing your data then you have the right to withdraw consent at any time.

If you want to exercise any of these rights, please just contact us on xxxx


You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/


Contact Us


Employee Privacy Notice

If you are an employee of Birdie Care Services Ltd, please refer to the Fair Processing Notice that is stored in the Employee Handbook.

Potential Corporate Client Privacy Notice

Data that we hold and how we use it

As a potential client, we hold your name, job title and corporate contact details so we can build a relationship with you. This data will have been sourced directly from you at an event, or from your company website or a similar publicly available source. We only hold your data if we legitimately think you will have an interest in using our product.

Lawful basis for processing

Our lawful basis for processing your data is a Legitimate Interest for marketing purposes. As you are a corporate entity, we also abide by the Privacy and Electronic Communications Regulations (PECR). We give you the change to opt out of all marketing on anything that we send you. We only share details of our own goods and services in our marketing. 

If your data was not sourced directly from you, then we contact you once we have the data to let you know that we have your data and give you the chance to opt out. 

Our legitimate interest balancing test indicates that this is a legitimate purpose: you would not be surprised to hear from us based on the nature of your job role, and our processing does not cause any harm or risk to you as a data subject.

Data Sharing and Transfers

Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.

We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.

Retention Periods

We hold data on Potential Corporate Clients for as long as we think you are likely to be interested in our goods and services, or until the point at which you opt out of communications. At this point you are added to a suppression list so we do not contact you again. 

When you become a Corporate Client, then the privacy Notice for Corporate Clients will apply.

Technical and Operational Security

All data is password protected, access controlled, backed up securely and encrypted when appropriate.

All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.

Data Privacy by Design and Default is an integral part of our development processes.

All devices are protected by a leading enterprise mobility management technology



Your Rights

You have rights in respect of our processing of your personal data. The relevant rights are:

  • Request a copy of your personal data and information about our processing of it
  • Request that we delete information on you, if we do not need to hold it
  • Request that we correct any personal data that we hold on you
  • Request that we stop processing your data, although we can still hold it
  • Request that we move your data to another organisation’s IT system electronically, in some circumstances
  • Request that we suppress your data for marketing purposes
  • If we have used consent as our lawful basis for processing your data then you have the right to withdraw consent at any time.

If you want to exercise any of these rights, please just contact us on xxxx


You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/

Contact Us

Investor/Shareholder Privacy Notice

Data that we hold and how we use it

As an investor or private shareholder in Birdie Care Services Ltd, we hold your contact details. This data would have been sourced from you directly.

Lawful basis for processing

Our lawful basis for processing your data is a legal obligation; we are legally obliged to document who the owners of our business are. 

Data Sharing and Transfers

Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.

We share your contact details in line with our regulatory requirements, so will be listed in official documents such as company filings and would be used in any potential data room.

Retention Periods

We hold your contact data for the length of time that you are an investor or shareholder of ours, then until the expiration of the legal obligations.

Technical and Operational Security

All data is password protected, access controlled, backed up securely and encrypted when appropriate.

All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.

Data Privacy by Design and Default is an integral part of our development processes.

All devices are protected by a leading enterprise mobility management technology

Your Rights

You have rights in respect of our processing of your personal data. The relevant rights are:

  • Request a copy of your personal data and information about our processing of it
  • Request that we delete information on you, if we do not need to hold it
  • Request that we correct any personal data that we hold on you
  • Request that we stop processing your data, although we can still hold it
  • Request that we move your data to another organisation’s IT system electronically, in some circumstances

If you want to exercise any of these rights, please just contact us on xxxx


You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/


Contact Us

App User Privacy Notice

Data that we hold and how we use it

As an app user, you provide some data to enter into a contract with us. This will be your contact details. We also process data about the way you use our app, including your IP address and browsing time. This helps us to optimise the performance of our app, monitor it for security purposes and drive improvements for our users.

Lawful basis for processing

Our lawful basis for processing your data is a combination of Contract, Legitimate Interest and Consent. We use your contact details to provide you with the app and the appropriate technical support as needed; this is our contract with you. We use legitimate interest when we use your data to improve the performance of the app, process your data for marketing purposes, and protect it from illegal use. Results of a legitimate interest balancing test indicate that this use is pursuing a legitimate interest,  and unlikely to cause you risk or harm. 

When we send marketing messages to you, we rely on consent under Privacy and Electronic Communications Regulations (PECR). This consent is collected via the app. We are aware that as an employee of a corporate subscriber, we could send marketing messages without consent. However, we feel that consent is a better option for you in this instance. You can withdraw this consent at any time.

Data Sharing and Transfers

Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.

We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.

Retention Periods

We hold data used to fulfil the contract for 12 months after the termination of the contract.

We delete log data 12 months after you cease using the app.

We remove you from our marketing database, onto a suppression list, when you opt out of receiving communications from us.

Technical and Operational Security

All data is password protected, access controlled, backed up securely and encrypted when appropriate.

All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.

Data Privacy by Design and Default is an integral part of our development processes.

All devices are protected by a leading enterprise mobility management technology

Your Rights

You have rights in respect of our processing of your personal data. The relevant rights are:

  • Request a copy of your personal data and information about our processing of it
  • Request that we delete information on you, if we do not need to hold it
  • Request that we correct any personal data that we hold on you
  • Request that we stop processing your data, although we can still hold it
  • Request that we move your data to another organisation’s IT system electronically, in some circumstances
  • Request that we suppress your data for marketing purposes
  • Where we have used consent as our lawful basis for processing your data then you have the right to withdraw consent at any time.

If you want to exercise any of these rights, please just contact us on xxxx


You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/

Contact Us

Website Browsing Privacy Notice

Data that we hold and how we use it

When you browse our website

Lawful basis for processing

xxx

Data Sharing and Transfers

Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.

We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.

Retention Periods

xxx

Technical and Operational Security

All data is password protected, access controlled, backed up securely and encrypted when appropriate.

All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.

Data Privacy by Design and Default is an integral part of our development processes.

All devices are protected by a leading enterprise mobility management technology

Your Rights

You have rights in respect of our processing of your personal data. The relevant rights are:

  • Request a copy of your personal data and information about our processing of it
  • Request that we delete information on you, if we do not need to hold it
  • Request that we correct any personal data that we hold on you
  • Request that we stop processing your data, although we can still hold it
  • Request that we move your data to another organisation’s IT system electronically, in some circumstances
  • Request that we suppress your data for marketing purposes
  • If we have used consent as our lawful basis for processing your data then you have the right to withdraw consent at any time.

If you want to exercise any of these rights, please just contact us on xxxx


You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/


Contact Us