Welcome to Wisterias Care Software Ltd
We are committed to protecting your privacy and handling your personal information with transparency and care. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Care Management Software (“Care Office”) on both Web and Mobile applications.
1. Who We Are
Wisterias Care Software provides digital tools to care organisations to manage service users, care staff, and daily activities. We act as a Data Processor on behalf of our customers, who are typically Care Providers acting as Data Controllers under the Data Protection Act 2018 and the UK GDPR.
Our registered office is:
International House, 61 Mosley Street, Manchester, England, M2 3HZ
2. Personal Data We Process
We process personal data provided by our customers and users, which may include:
• Service users’ names, addresses, contact details, medical histories, and care notes.
• Carers’ names, roles, qualifications, and work schedules.
• Incident reports, body maps, daily notes, and medication records.
• Staff training records and audit logs.
• Device identifiers, login details, and usage logs from Care Office Web and Mobile apps.
We only process personal data necessary for delivering our services.
3. How We Collect Personal Data
We collect personal data when:
• Care providers input information into the Care Office system.
• Users (carers, managers) interact with our Web or Mobile apps.
• Devices automatically record technical usage information (cookies, device IDs).
4. Our Legal Basis for Processing
We process personal data under the following lawful bases:
• Performance of a Contract: To provide services to care providers.
• Legal Obligation: To meet care sector regulations and record-keeping standards.
• Legitimate Interests: To improve, maintain, and secure our platform.
Where required, care providers are responsible for obtaining consent from service users and staff.
5. How We Use Personal Data
We use the data to:
• Support day-to-day care management activities.
• Enable safe, compliant care delivery.
• Facilitate training tracking, auditing, and incident reporting.
• Provide technical support and improve our services.
We do not sell, rent, or trade personal data.
6. Data Sharing
We only share data with:
• The customer (the Care Provider) who controls the data.
• Our trusted technology providers who help deliver our services (subject to strict contracts).
• Authorities if legally required (e.g., safeguarding investigations, legal obligations).
7. Data Security
We take security very seriously and have implemented:
• Encryption of data at rest and in transit.
• Access controls and two-factor authentication.
• Regular security testing and vulnerability scanning.
• Backup and disaster recovery procedures.
We comply with UK GDPR and best industry practices for data protection.
8. International Transfers
Where we transfer data outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent protections.
9. Data Retention
We retain personal data only as long as necessary:
• For care records: as agreed with the Care Provider and to meet legal care sector obligations.
• For technical logs: typically for 12 months unless otherwise required.
When no longer needed, data is securely deleted.
10. Your Rights
Care Providers (Data Controllers) are responsible for managing service users’ and staff’s data rights.
Subject to applicable laws, individuals have rights to:
• Access their personal data.
• Request correction of inaccurate data.
• Request erasure (“right to be forgotten”) where applicable.
• Object to or restrict processing.
We assist Care Providers in responding to these requests where necessary.
11. Cookies and Analytics
Our Web and Mobile apps may use cookies or device identifiers to:
• Keep users logged in securely.
• Collect anonymised usage data to improve the service.
Users will be informed about cookies and can manage preferences.
12. Changes to This Privacy Policy
We may update this Privacy Policy occasionally to reflect legal changes or improvements to our services. We will notify Care Providers of significant changes and update the policy date.
13. Contact Us
If you have questions about this Privacy Policy, please contact:
Wisterias Care Software Ltd
International House, 61 Mosley Street, Manchester, England, M2 3HZ
info@wisterias.co.uk
