Privacy Policy

Introduction:

We are committed to protecting personal data privacy. This policy outlines how we collect, process, and manage data in compliance with UK GDPR, the Data Protection Act 2018, and ICO guidelines.

What Data We Collect:

• Personal information (name, contact details) of care providers and staff users

• Audio recordings and transcribed notes about residents, including special categories (health-related data)

  
  

Why We Collect Data:

• To provide AI transcription and summarisation services for effective care documentation

• To ensure accuracy and reduce administrative burden for care providers

How We Handle Your Data:

• Audio files are deleted automatically within 48 hours

• Transcripts and notes are stored securely based on your specified retention policies

• Data is hosted exclusively within the UK on secure Azure infrastructure

• Data may be processed at times within the EU but returns to the UK for storage

  
  

Data Sharing and Third Parties:

• Microsoft Azure UK: secure cloud hosting

• Any additional sub-processors will be explicitly approved by clients and listed clearly

  
  

Your Rights:

• Request access to your data

• Request corrections or deletions of data

• Opt-out of certain data processing activities (subject to operational feasibility)

• Export your data in portable formats

Security Measures:

• Encryption of data at rest and in transit

• Strict access control measures

• Regular security audits and vulnerability testing

  
  

ICO Registration:

• We are registered with the ICO (reference: ZB871667)

  
  

Contact Information:

• For privacy inquiries, access requests, or complaints, contact: marcus@elyndra.co.uk