Privacy Policy

We are CareIQ Limited.
We build products to enable 'real time' health intelligence, for everyone.

Our commitment to data privacy is at our core, and we believe that transparency is the key to earning your trust. Trust in our data security and privacy practices is vital, and we don't just ask for it; we demonstrate it by openly sharing how we handle personal data for our software. Transparency isn't just a practice for us; it's a fundamental principle guiding our mission to earn and maintain your confidence.

This privacy notice applies to your use of the CareIQ services and software applications (“Apps”).

To understand how we use your data, please refer to the sections below:
  • Healthcare Professionals
  • Patients
  • Prospective buyers from healthcare organisations
  • User / Market Research Participants
  • Job Applicants and Prospects
This notice may change periodically and will be published on the CareIQ website. By continuing to use our “Apps” after any changes are made and we have notified you of them, the way we use your personal data will be subject to the terms of any updated policy.

Who We Are

Your relationship is with CareIQ Limited. When this policy talks about 'CareIQ’, ‘us’ or ‘we’, it means CareIQ Limited. 

We provide a range of “Apps” for healthcare / life science / research services professionals, healthcare professionals, patients. Our “Apps” are not intended for use by children. 

Under the data protection laws, CareIQ is known as the “Data Processor”.

Our details are as follows:
  • Office: 103 Cranley Drive, Newbury Park, Ilford, Essex, England, IG2 6AA
  • Company Registration Number: 12558417
  • ICO Registration Number: ZA781066
  • NHS Data Security and Protection Toolkit Organisation Code is: 8KM74
If you have any further questions about how we process your information, please don't hesitate to get in touch by contacting our Data Compliance Manager at dpo@careiq.health.

Healthcare Professionals

CareIQ is a health intelligence software provider for healthcare organisations like your employer - perhaps a GP practice or hospital Trust. If you’re a member of staff here that uses CareIQ, we receive information about you in three ways:

  • CareIQ account registration - when you sign up, or are signed up for, a CareIQ account

  • Ongoing use of the CareIQ platform
  • If you contact us directly, for example through our email or chat platform

CareIQ registration

Upon creating a CareIQ account (either via email or using our sign up page), we collect the following information about you and link this to a unique identifier in our system:

  • Name

  • NHS email address
  • ODS code of your medical or GP practice
  • EMHR username
Why: We collect this information on the basis of legitimate interest to be ready to link your profile to your organisation and have access to full functionality of our Apps

Ongoing use for your work in a healthcare organisation

We provide software products to healthcare organisations. These healthcare organisations are responsible for how your information is used in our platform - in legal language, they are the “Data Controller”. They provide us with information and instruct us how to use it. This means we’re acting as a “Data Processor”. 

When your registration (above) is linked to an organisation, we link the data to other information about you, provided by yourself or your organisation, including your job role, and actions you’ve taken in CareIQ software. We have a very clear agreement with your healthcare provider that sets out what we do with the data, and how we keep it safe. You can read the full agreement here

Email, social media or telephone engagement with us as an actual or prospective CareIQ user

When you contact us over social media, email, or via live chat on our website, we may collect the following information about you:
  • Name
  • Email
  • Telephone number
  • Social media handles
  • Anything else you share with us in our engagement
Why: We collect this information on the basis of our legitimate interest to respond to you.

Patients

CareIQ is a healthcare intelligence software provider for healthcare organisations like your GP practice or local hospital. If you’re a patient, we receive information about you in two ways:
  • Via healthcare organisations who use CareIQ software 
  • If you contact us directly, for example through our email or chat platform

Via healthcare organisations who use CareIQ software

We provide software products to healthcare organisations involved in your care. These healthcare organisations are responsible for how your information is used - in legal language, they are the “Data Controller”. When they want to use our software to communicate with or about you, they provide us with information and instruct us how to use it.
This means we’re acting as a “Data Processor” and this falls outside the scope of a Privacy Policy. We have a very clear agreement with your healthcare provider that sets out what we do with the data, and how we keep it safe. You can read the full agreement hereand more information about our role and how we protect data here
Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS England's Privacy Notice and Terms and Conditions, please click hereThis restriction does not apply to the personal information you provide to us separately.

Via direct correspondence with you

If we correspond with you directly, we’ll collect information about you. The exact information we collect about you will depend on the way you contact us.

By email or social media

  • Name
  • Email
  • Telephone number
  • Social media handles
  • Anything else you share with us over the correspondence
Why: We collect this information on the basis of our legitimate interest to ensure we deal with your queries quickly and efficiently and understand how you interact with us.

Via the support chat on our website

  • Name
  • Email
Why: We collect this information on the basis of our legitimate interest to ensure we deal with your queries quickly and efficiently and understand how you interact with us. 

In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you.

Prospective buyers from healthcare organisations

If you work for a commissioner in the NHS or someone who buys software for healthcare providers.
When we speak to you about prospective deals for our software services, we will collect the following information about you:
  • Name
  • Age
  • Email
  • Content of email communications with you and metadata (including delivery status)
  • Any additional information you provide to us through our communications with you
Why: we collect this information on the basis of our legitimate interests to discuss procurement and purchasing decisions of our products by your organisation.

Third-party links

You should be aware that our “Apps” may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party apps and are not responsible for their privacy statements. When you leave our app, we encourage you to read the privacy notice of every website or app you visit or use.

User/Market Research Participants

We try to build software that our users love. To achieve this, we spend a lot of time speaking to different user stakeholders to understand their needs and what they’re looking for. We may conduct this research to improve existing products or inform the development of new products.
When you participate in our research, we will collect the following information about you:
  • Name
  • Age
  • Email
  • Any additional information you provide to us through surveys, interviews or other communications with us
Why: we collect this information on the basis of our legitimate interest to ensure our products are fit for purpose and match your expectations as a user or explicit consent which we will obtain from you at the beginning of research projects.
In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to analyse our programmes and support other similar programmes around the world.

Job Applicants and Prospects

When you’ve signed up for information about events and job opportunities, e.g. for hiring events or opportunities updates, we gather information:
  • Name
  • Email
  • Any other information, for example about roles that you are interested in, that you may provide when you sign up
Why: To send you the event or hiring information or to process your booking in relation to an event we are organising. We process this on the basis of your consent and you may opt out at any time.

When you apply for a role with us:

If you apply for a role at CareIQ, we will collect the following information about you:
  • Name
  • Email
  • Telephone number
  • Employment history and other data in your CV or otherwise submitted to us
  • Assessments completed by you as part of the application process
  • Feedback about you from our staff and your referees
Why: We collect this information on the basis of our legitimate interest to assess job applications and to take steps necessary to enter into an employment contract with you. We also collect it because we have a legal obligation to ensure applicants have the right to work.

Email or social media contact

If you contact us over email or social media about a job application, we will also collect the following information about you:
  • Name
  • Email
  • Telephone number
  • Login information
  • Time-zone setting
  • Browser plug-in types and versions
  • Operating system
  • Platform
  • IP addresses
  • MAC addresses and social media handles
We retain information about you as a prospective employee for a maximum of 24 months, so we can use it to improve our hiring process, or to inform you of other opportunities. 
If we reach out to you via social media about a job opportunity we think you are a good match for, we will collect your name and social media URL, and will retain this information for up to 24 months. This is to help us build a prospective candidate list that we can contact for any new opportunities and track how well our recruitment processes are working. We use your data in this way as it's in our legitimate interest to find great people to work for us, and to improve our hiring practices.

General questions

How do we collect information?

We may collect information about you from a variety of sources:
  • Email, telephone, social media and in-person interactions we have with you
  • From other organisations within the health system
  • Via the chat function on our website
  • Cookies on our website and pixels in our emails
  • Publicly accessible sources including your employer’s website or your social media profile

How long do we retain your personal data?

Our data retention periods for different groups are set out below. If you have questions about any categories of data not provided below, please contact support@careiq.health.
Retention Period
Type of Data
As long as necessary for the purpose of selling or providing our service, subject to your rights.
For up to 24 months after any direct contact with us.
Communications from patients who contact us directly
Up to 48 months after last contact with your organisation.
For up to 48 months after research has been concluded, unless otherwise stated in the project’s information and consent material.
User/Market Research Participants
Job Applicants and prospects
For prospects, we will retain your information for up to 24 months. For job applicants, we retain your application information for up to 24 months after any hiring process you are directly involved in has been completed.
Prospective buyers
Healthcare Professional

Which third parties are involved in processing your data?

The parties we may share different groups’ data with are set out below. If you have questions beyond this, please contact support@careiq.health.
Parties your information may be shared with
Group
We have contractual agreements in place with hospitals and GP practices, which govern and protect the data about you when you use our software.

If you contact us directly, your data may be securely stored in the software service providers of our data storage, email, office, live chat support, and social media systems.

We may share your data with regulators, authorities and enforcement agencies if we’re under a duty to comply with any legal obligation or enforce our terms and conditions.
We have contractual agreements in place with hospitals and GP practices, which protect your data when they work with you.

If you contact us directly, your data may be securely stored in the software service providers of our email, office, and live chat support systems.

We may also share your data with regulators, authorities and enforcement agencies if we’re under a duty to comply with any legal obligation or enforce our terms and conditions.
Patients
Your data may be stored by our email, CRM software, and storage providers.
Your data may be stored by our email, productivity, design, communication and storage providers.
User/Market Research Participants
Job Applicants and prospects
Your data may be stored in our recruitment platform provider well as in our email, productivity, design, communication and storage providers.
Prospective buyers
Healthcare Professional

What rights do you have under data protection laws?

You have various rights under data protection law in relation to the data that we control about you. Please note that if you are a patient or a member of staff in an organisation that uses CareIQ, you should contact the organisation concerned (the data controller) to understand your rights and exercise any that you have. If you wish to exercise any of these rights or have any questions, please contact support@careiq.health. 
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
  • Access: You can request access to and obtain a copy of your personal data
  • Rectification: You can correct incomplete or inaccurate data we hold about you
  • Erasure: You can ask to erase personal data we hold about you
  • Restrict: You can ask us to restrict how we handle your personal data
  • Portability: You can ask us to transfer your personal data to a third party
  • Object: you can object to how we’re using your personal data
You also have the right to lodge a complaint with us or the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales.
CareIQ logo in white
Company
Our StoryRequest a demo
Resources
Help CentreContact us
About
Professionals - Terms & ConditionsPatient - Terms & ConditionsData Processing AgreementPrivacy policyCookie policyMedical disclaimer
Copyright © 2023 CAREIQ LIMITED. All rights reserved.

CareIQ Limited is a private limited company registered in England and Wales under Company Number 12558417.