Privacy Policy for Individuals

Individual Users

Privacy Policy (Individual Users)
‍

Introduction: CareTag.uk (the “Service”) is operated by Health Pros Network Ltd (Company No. 15970093), a company registered in England and Wales .In this Privacy Policy, “we”, “us”, or “our” refers to Health Pros Network Ltd, and “you” refers to individual users of CareTag.uk. We are committed to protecting your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Policy explains what information we collect from individual users, how we use and share it, the lawful bases for processing, how long we keep it, and your rights. We aim to use clear language and UK terminology throughout.
‍

Data We Collect: To provide the CareTag.uk service, we collect and process the following categories of personal data from individual users (you may provide some or all of these when using our Service):
‍

• Identity and Contact Information: Your name and surname, and your city or town (for basic identification and personalisation). We also collect your contact details such as email address (for account communication, purchase receipts, and renewal reminders) and occasionally phone number if provided (e.g. for support contact).
  
  
• Emergency Contact Details: You have the option to provide information about emergency contacts (such as a parent, guardian, or friend). This typically includes the contact’s name, relationship to you, and phone number, which would be used to reach them in case of an emergency.
  
  
• Medical and Health Information: You may provide sensitive personal data about health, including medical conditions, medications, allergies, and other medical details, as well as language preferences or other optional information you choose to include in your profile. This health-related information is considered “special category” personal data under UK GDPR and receives additional protection We will only collect and use this information with your explicit consent due to its sensitivity.
  
  
• Child Profiles: If you are a parent or guardian setting up a profile for a child, we will collect the child’s personal and health information (as described above) with your provision and consent. We also collect your confirmation that you are the parent/guardian and consent to this processing. (See Children’s Data below for more information.)
  
  
• Payment Information: If you purchase a CareTag profile, payments are processed via our third-party payment processor (Stripe). We do not collect or store your full card details ourselves. Stripe directly handles your payment information on our behalf in a secure manner, and we receive a payment confirmation. (Stripe is a PCI-DSS compliant payment provider and operates under its own privacy policy.)
  
  
• Technical and Usage Data: When you use our website, we may automatically collect basic technical data such as IP address, browser type, and usage logs for security and auditing. We do not use this data to personally identify you, and we do not use cookies for advertising or invasive tracking. Any cookies or similar technologies on our site would be used only for functionality (e.g., to keep you logged in or to remember preferences).
  ‍

We collect most personal data directly from you (for example, through the profile sign-up form and purchase form). In some cases, for business client referrals, a business (e.g. your employer or organisation) might provide your details to us to set up your profile – we address that scenario in the Business Clients Privacy Policy.

Purpose of Processing and Use of Data: We use the collected data for the following purposes, in each case ensuring we have a lawful basis under UK GDPR:
‍

• Providing the Service: We use your personal information to create and host your CareTag profile and make it accessible via a secure, scrambled URL (and corresponding NFC-enabled bracelet or wallet card or tag) so that in an emergency, first responders or others can view your provided medical information. Legal basis: We rely on performance of a contract (UK GDPR Article 6(1)(b)) to provide the service you requested – i.e. hosting your profile for one year and enabling access to it. For special category medical data, we rely on your explicit consent (Article 9(2)(a)) to process and display this health information for the specified purpose of emergency access. By creating a profile, you consent to us processing your health data and disclosing it via the profile in emergencies, as this is the core function of the Service.
  
  
• Emergency Use and Disclosure: In an emergency situation, anyone with access to your CareTag profile URL or NFC-enabled bracelet or wallet card (such as first responders, medical personnel, or bystanders who scan your tag) will be able to view the personal and medical information you provided. You authorise us to disclose your information in this way to assist in your care during an emergency.We may also contact your provided emergency contact in an urgent situation if necessary. Legal basis: This disclosure is based on your explicit consent and also potentially on vital interests (Article 6(1)(d) and Article 9(2)(c)), as it may be necessary to protect your life or health if you are unable to consent at that moment. We also have a legitimate interest in allowing designated emergency contacts and medical personnel to access your data for your safety. (We carefully designed profiles with non-indexed, randomised URLs to minimise any accidental access by others.)
  
  
• Account Management and Customer Support: We use your contact information (email, and if provided, phone) to communicate with you about your account and purchase. This includes sending purchase confirmations and receipts, providing customer support if you contact us, sending reminders when your one-year profile period is nearing expiration, and informing you of renewal options. Legal basis: These communications are part of performing our contract with you (ensuring you receive the full service, including reminders), and/or our legitimate interests in maintaining good customer service and ensuring you are informed about your subscription status. We do not send marketing emails unrelated to your CareTag profile without your consent.
  
  
• Profile Renewal and Data Retention Management: We email you before your profile’s one-year term expires to offer renewal. If you choose to renew (extend) the service, we will update the profile’s expiry date after payment. If you do not renew, we will delete your profile and associated personal data shortly after the expiration (see Data Retention below). We may keep a record that the profile existed and expired (without the detailed content) for administrative purposes. Legal basis: Contract performance (to manage the service term) and legitimate interests (to ensure data is not kept longer than necessary).
  
  
• Processing Payments: When you pay for the service, your payment details are used by Stripe to charge you. We process data such as the transaction amount, date, and your name/email for billing records. Legal basis: Performance of contract (processing payment for the service) and legal obligation (for maintaining financial records required by law).
  
  
• Ensuring Legal Compliance and Security: We may process and retain some data as needed to comply with legal obligations (e.g., consumer law requirements, tax and accounting rules) or to respond to lawful requests by authorities. We also process technical data (like IP logs) and may use it to protect our website and service from fraud, abuse, or security threats. Legal basis: Legal obligation (Article 6(1)(c)) for compliance with laws, and legitimate interests (Article 6(1)(f)) in safeguarding our systems and preventing misuse.
  
  
• No Automated Decisions or Profiling: We do not use your personal data for any automated decision-making or profiling that produces legal or significant effects on you. In other words, we do not algorithmically analyse or predict aspects of you (e.g. health or behavior) to make decisions without human involvement. All processing of your data is for the direct purposes you have consented to or requested, as described above.
  ‍

Lawful Bases for Processing: Under UK GDPR, we must have a valid lawful basis for each use of your personal data (and an additional condition for special-category health data). Here is a summary of the bases we rely on:
‍

• Consent: We obtain your explicit consent to process your health information and any other special-category data (e.g. allergies, medications) for the purpose of sharing with emergency responders via your profile. You give this consent when you fill out the profile form (we include a consent confirmation in the sign-up process via Typeform). You may withdraw this consent at any time (see Your Rights below), but note that if you do so, we will likely have to delete your profile as we cannot lawfully process your health data without consent (unless another condition applies). We also rely on consent for any optional data you provide and for any direct marketing (which we currently do not carry out, except perhaps an optional newsletter if you choose to subscribe).
  
  
• Performance of a Contract: When you purchase a CareTag profile, you enter into a service agreement with us. We process your basic personal data (name, contact, etc.) as necessary to fulfill that contract – for example, to create your profile, provide access to it, and communicate with you about it. This also covers processing for account creation, customer support, and renewal management. If you refuse to provide essential data needed for the contract (such as your name or a way to contact you), we may not be able to provide the service.
  
  
• Legal Obligations: We may process certain data to comply with our legal obligations. For instance, UK law might require us to retain transaction records (including your name and payment details) for a certain number of years for tax and financial reporting. If authorities lawfully require information (for example, as part of an investigation), we might have to provide it.
  
  
• Legitimate Interests: In some cases, we process data for our legitimate business interests in a way that does not override your rights and freedoms. Examples include: using emergency contact information you provided to reach out to that person in a crisis (our legitimate interest is to assist you in an emergency, and the emergency contact has an interest in being informed); sending you a renewal reminder or follow-up about the service (legitimate interest in customer service and maintaining the service relationship); improving our service’s security and usability (we might analyse anonymous usage patterns to improve site stability). When using legitimate interests, we ensure our interest is balanced against your privacy – if you have any objections, you have the right to object to such processing (see Your Rights).
  ‍

We will clearly inform you at the point of data collection which basis applies, especially when asking for consent. In practice, the sign-up form will explain that by submitting health information you consent to our use of it for emergency sharing, and that certain data is needed for the service contract.

How We Share Your Data: We treat your personal data with care and confidentiality. We do not sell your personal data to third parties. However, to operate the Service, we share data in certain necessary ways with trusted parties:
‍

• Public Profile Viewing: The primary “sharing” occurs when someone accesses your CareTag profile via the unique URL or NFC-enabled bracelet or wallet card. Anyone in possession of your CareTag tag or link can view the information on the profile. This is by design for emergency accessibility – only those who have the physical tag or the exact web link can access it, as profiles are not indexed on search engines and use randomised URLs for privacy. We strongly advise you to keep your CareTag NFC-enabled bracelet or wallet card or link safe and only share it with those you trust or as needed for emergency purposes. By using the Service, you acknowledge that any person who scans your NFC-enabled bracelet or wallet card or enters your profile URL will be able to see the personal and health details you provided, and you consent to this form of data disclosure.
  
  
• Emergency Contacts and Medical Personnel: If first responders or hospital staff find your CareTag, they may use it to contact your listed emergency person. We consider that an intended use of your data.
  
  
• Service Providers (Processors): We use certain third-party service providers to help run CareTag.uk, and they may process your data on our behalf, solely for the purposes of providing the service to you. These include:
  
  
  • Hosting and Website Platform: CareTag.uk is built on a secure content management and hosting platform. Your profile data (including personal and medical info) is stored in databases hosted by this platform on secure servers. We have ensured that any hosting provider we use implements strong security measures and, if servers are located outside the UK, that appropriate safeguards (like standard contractual clauses or an adequacy decision) are in place for international data transfer (see below). We do not publicly disclose specifics of our infrastructure for security reasons, but note that your data is stored with third-party cloud service providers under strict confidentiality and data protection agreements.
    
    
  • Form Collection (Typeform): We collect your information and consent at the point of purchase through online forms (currently, we use Typeform to gather your data and order details). When you fill and submit the Typeform, your responses (including personal and health info) are transmitted to us. Typeform acts as a data processor, storing your responses temporarily and sending them to us. We have an agreement with this provider to protect your data. They may store form data on their servers; however, we ensure the data is transferred securely and deleted from the form system once we have it in our secure database.
    
    
  • Payment Processor (Stripe): As noted, all payment transactions are handled by Stripe. When you enter your payment details, you are interacting directly with Stripe’s system. Stripe may share with us limited information necessary for us to confirm the payment (such as a transaction ID, your name, email, and amount). Stripe is a data controller for your payment information in its own right, and its use of your data is governed by Stripe’s privacy policy. We recommend you review Stripe’s privacy policy when entering payment details. We do not receive or store your credit card number or bank account details.
    
    
  • Email Service: We may use an email delivery service to send out confirmation emails, renewal reminders, or support responses. This means your email address and the content of emails (which might include your name or info about your profile) could pass through a third-party email service (for example, an SMTP relay or a service like SendGrid or our web platform’s email function). We ensure any such provider is reputable and compliant with data protection requirements.
    
    
• Business Transfers: If in the future Health Pros Network Ltd undergoes a business transaction (like a merger, acquisition, or asset sale related to CareTag.uk), user data might be transferred as part of that transaction. If that happens, we will ensure the new owner continues to uphold this Privacy Policy or gives you notice of any changes.
  
  
• Legal Compliance and Safety: We may disclose personal data to courts, law enforcement, regulatory authorities, or other third parties when required by law or if disclosure is necessary to exercise, establish, or defend legal claims. For example, if we receive a valid legal request (such as a court order or subpoena) we may have to provide the requested data. 
  ‍

Aside from the scenarios above, we will not share your identifiable personal data with third parties unless you have given consent. If we ever consider a new type of sharing (for instance, integrating a new service that requires access to some user data), we will update this Policy and notify you as needed to obtain your consent if required.

International Data Transfers: We are based in the UK and ideally store personal data on servers located in the UK or European Economic Area (EEA). However, some of our service providers may be outside the UK. In particular, our website platform and form/payment providers may store or process data in the United States or the EEA. Whenever your personal data is transferred outside of the UK, we will ensure that one of the legal safeguards applies to such transfer:
‍

• We may transfer data to countries that the UK government has determined provide an adequate level of data protection (an “adequacy decision”).
  
  
• In absence of adequacy, we use Standard Contractual Clauses (SCCs) or equivalent contractual obligations approved under UK law, which contractually oblige the recipient to protect your data to UK GDPR standards.
  
  
• We also assess whether additional technical or organizational measures are needed for the specific transfer to ensure your data remains secure and protected.
  
  
• Our contracts with data processors (like our hosting or form providers) include commitments to UK GDPR compliance for any international transfers.
  
  

For example, Typeform’s servers are located in the EU (Spain) but may backup to the US; Stripe may process payments globally. We have agreements and SCCs in place where needed. If you have questions about our international transfer arrangements or want a copy of relevant contract clauses, you can contact us (see Contact section below).
‍

Data Retention: We retain personal data only as long as necessary for the purposes described in this Policy and to fulfill our legal obligations. In general:
‍

• Profile Data: The information you provide in your CareTag profile (name, contacts, medical details, etc.) is retained for the active period of your service subscription. A standard CareTag profile is valid for one year from the date of purchase/activation. We will send you a reminder as the expiry date approaches. If you choose not to renew the service, we will delete the profile data after expiry. Specifically, we will securely delete or anonymise the personal and medical information associated with your profile typically within a short grace period after the one-year term ends (e.g., a brief buffer to account for any renewal processing or final notification – but generally no more than 30 days after expiry if no renewal). Once deleted, the profile URL/NFC-enabled bracelet or wallet card will no longer display your information. If you do renew, we will retain the data and extend the retention for another subscription period as appropriate.
  
  
• Account and Contact Information: We retain your basic contact details (like email) for as long as your profile is active, so we can communicate with you. If your profile is deleted due to non-renewal or your request, we will also delete or anonymise contact info associated with that profile, except to the extent it is necessary for other legitimate purposes (for example, keeping a record that you were a customer and when, for our financial records or to avoid sending you redundant invites). Typically, we might keep minimal records (name, email, purchase date, amount) for 6 years after your purchase, as required for accounting and tax record-keeping (in line with UK tax law and limitation periods for contractual claims). This information will be kept securely and only used if needed for audits or legal obligations.
  
  
• Emergency Contact Info: If your profile expires and is deleted, any third-party emergency contact information provided will also be deleted from our active systems. We do not have a reason to keep an emergency contact’s details beyond the life of the profile.
  
  
• Payment and Transaction Records: We retain transaction records and invoices as required by law (typically 6 years as noted). These records contain personal identifiers (like your name and contact) but not sensitive health data. We keep them secure and access-restricted.
  
  
• Communications: If you contact us via email or support, we may retain those communications (which could include your email address and any personal data you include in the message) for a period necessary to address your inquiry and maintain service history. Typically, support emails might be kept for a year or two for reference, then deleted, unless needed for legal reasons.
  
  
• Website Logs: Our web server logs and security logs that include IP addresses and visit timestamps are usually retained for a short period (a few weeks to a few months) for security monitoring and then automatically purged. We do not keep them longer than necessary.
  
  
• Deletion upon Request: Importantly, you have the right to request erasure of your data at any time (see Your Rights below). If you request deletion of your profile or withdrawal of consent, we will promptly erase your personal data (except for data we are required to retain by law). For example, if you decide to cancel the service and want your info removed, we will delete the profile and confirm to you once done. We may keep a minimal record of the request and our compliance (e.g., an email archive of the deletion confirmation) for accountability.

When we delete data, we ensure it is removed from our active databases. Please note that due to the nature of backups, it may take a little longer for data to cycle out of encrypted backups, but we ensure that even in backups, deleted data is not readily accessible and is purged on the normal backup rotation schedule.

Children’s Data: We understand the importance of protecting children’s privacy. Our Service may be used to create profiles for minors (for example, parents can create emergency profiles for their children). However, children under 13 years old are not allowed to create a profile on their own. In the UK, a child under 13 cannot legally provide consent for online data processing in the context of our service. Therefore:
‍

• Parental Consent: If the profile is for a child under 13, a parent or legal guardian must complete the purchase and profile setup on the child’s behalf. We explicitly ask during sign-up whether the profile is for a child and, if so, require the parent/guardian to confirm they consent and have authority. We make reasonable efforts to verify that the person providing consent indeed holds parental responsibility (for instance, by the very use of a payment method in the adult’s name and an online declaration of parent status).
  
  
• Ages 13 to 17: If a user is between 13 and 17, they are still a minor in terms of contract law. Our policy is that profiles for individuals under 18 should be created with the involvement and consent of a parent/guardian. We may allow a tech-savvy teenager (13 or over) to fill in their information, but the purchase and agreement to these terms should be made by someone 18 or over (or a minor 16+ if legally emancipated/able to consent to medical data, but as a default, parental oversight is required). We encourage parents to supervise the information provided for teens.
  
  
• Use of Children’s Data: The data about children (name, medical info, etc.) provided by the parent is used and protected in the same way as adult data, with the additional safeguard that we consider the best interests of the child. We do not use children’s data for any secondary purposes like marketing.
  
  
• Parental Rights: Parents or guardians who have created a child’s profile can exercise the child’s data rights on their behalf (and once the child is old enough to understand their rights, they may also exercise them). If a parent asks us to edit or delete a child’s profile, we will do so promptly.
  
  
• Removal of Child Profiles: If we learn that a profile for a child under 13 was created without verifiable parental consent, we will delete that profile and its data as soon as possible.
  
  
• Child-Friendly Explanations: We aim to make our privacy notices understandable to younger audiences where applicable. If a child (aged 13 or above) is reading this, we want to explain that we only use your information to help you in an emergency and we won't share it or do anything else with it without permission. You (and your parents) can ask us anything about what we have stored, and you can tell us to delete it if you change your mind.
  
  

Data Security Measures: We take security seriously and have implemented appropriate technical and organisational measures to safeguard your personal data against loss, misuse, or unauthorised access. These measures include:
‍

• Encryption: Our website is accessible only over HTTPS, meaning that any data you submit (including personal and health info) is encrypted in transit with industry-standard TLS encryption. The profile pages themselves are delivered via HTTPS as well, so when a first responder views your info, that connection is also encrypted. Where possible, we also encrypt sensitive data at rest in our databases or through platform-level encryption.
  
  
• Access Controls: Personal data is stored in secure cloud databases that are protected by firewalls, regular security updates, and access control mechanisms. Only authorised personnel of Health Pros Network Ltd (or authorised contractors bound by confidentiality) can access the administrative interface or database where user data is stored, and even then, only for legitimate operational reasons (e.g., to help you update info or to maintain the system). Our staff are trained in data protection and obligated to keep data confidential.
  
  
• Profile URL Security: As mentioned, each profile is given a unique, hard-to-guess URL (often comprising a random string of characters). These URLs are not listed publicly or indexed by search engines. While this is not a substitute for other security, it adds a layer of privacy – someone would have to have the exact link or the physical CareTag to find the profile. We advise users not to post their profile link on public forums or social media to avoid unwanted access.
  
  
• Infrastructure Security: We rely on reputable hosting providers who maintain robust physical and network security, including monitoring for intrusion, regular backups, and redundant systems. We apply security patches and updates to our platform in a timely manner. We also utilise anti-malware and monitoring tools to detect suspicious activities.
  
  
• Testing and Policies: We periodically review our security policies and may conduct vulnerability assessments or audits. We also have an internal data breach response plan. In the unlikely event of a data breach that poses a risk to you, we will notify you and the ICO (UK’s Information Commissioner’s Office) as required by law.
  
  
• No Unnecessary Data: One security principle we follow is data minimisation – we only ask for data that is truly necessary for the Service. By not collecting extraneous personal data, we reduce the risk exposure. For example, we do not collect national insurance numbers, exact addresses, or other identifiers that we don’t need for an emergency profile.
  
  

Your Rights as a Data Subject: Under UK GDPR, you have several rights regarding your personal data that we respect and uphold. These include.
‍

1. Right to Be Informed: You have the right to clear and transparent information about how we use your data – that’s the purpose of this Privacy Policy. If you have any questions about our data practices not covered here, please ask us.
   
   
2. Right of Access: You have the right to access the personal data we hold about you. This is commonly known as making a “subject access request.” You can request a copy of your data in a commonly used format. For example, you can ask us to confirm what data we have on you and to provide you with a copy of your profile information and any other relevant records. We will provide this free of charge within one month (unless the request is excessive, in which case we may extend the deadline or charge a reasonable fee as permitted by law).
   
   
3. Right to Rectification: You have the right to have inaccurate personal data corrected or incomplete data completed. If any of the information you provided to us is incorrect or changes (e.g., you have a new allergy or your contact number changes), please let us know. The easiest way to rectify data is to contact our support and request an update. We may need to verify the accuracy of new data you provide.
   
   
4. Right to Erasure: You have the right to have your personal data erased in certain circumstances. This is also known as the “right to be forgotten.” You can request deletion of your data if, for example, it’s no longer necessary for us to hold it, or if you withdraw consent and no other legal basis applies. In practice, you can ask us at any time to delete your CareTag profile. We will comply unless we have a compelling reason not to (for instance, we might retain proof of your transaction for legal purposes, but we will delete the profile contents as you request). If you request erasure while your service is ongoing, that will likely mean terminating the service (since we cannot provide it without processing your data). We will inform you if deletion will entail service cancellation, to confirm you want to proceed.
   
   
5. Right to Restrict Processing: You have the right to request that we limit the processing of your data in certain situations. This could apply if you contest the accuracy of data (while we verify it), or if you object to processing and we are considering that objection, or if processing is unlawful but you want us to hold the data instead of erasing it. Restricting processing means we would store your data but not actively use it (except, say, to protect legal rights). If you request restriction, we will flag your data and ensure we don’t use it for anything not agreed to.
   
   
6. Right to Data Portability: For data you provided to us and which we process by automated means on the basis of consent or contract, you have the right to obtain it in a structured, commonly used, machine-readable format, and you have the right to have that data transmitted to another controller where technically feasible. In plain terms, you can ask for an electronic copy of the data you gave us (for example, the profile fields you filled in) so you can reuse it elsewhere. If needed, we can provide this in CSV or JSON format or similar.
   
   
7. Right to Object: You have the right to object to our processing of your personal data when we are doing so on the basis of legitimate interests or performing a task in public interest (which we do not do), or for direct marketing purposes. For example, if in the future we sent newsletters based on legitimate interest, you could opt out. Or if you disagree with some processing we justified by legitimate interests (such as sending renewal reminders), you can object and we will consider your objection. For health data processed under consent, withdrawal of consent is essentially your way to object to that processing and we will cease it.
   
   
8. Rights related to Automated Decision Making: As noted, we do not carry out automated decision-making or profiling with your data. Under GDPR, you have rights to not be subject to certain types of automated decisions without human intervention. This right is mentioned here for completeness; it is not applicable to our Service because we don’t do this. If that ever changes, we will inform you and ensure your rights are protected.
   ‍

To exercise any of these rights, please contact us using the details in the Contact section. We will respond as soon as possible, and at latest within one month, as required by law. We may need to verify your identity before fulfilling certain requests (for example, to ensure we don’t give your data to someone else). If your request is complex or numerous, we may extend the response time by up to two further months, but we will inform you of this extension and the reason.

Consent Withdrawal: Where we rely on your consent to process data (such as your health info), you have the right to withdraw that consent at any time. You can do so by contacting us and stating that you withdraw consent for us to process your health (or other) data. Once we receive that withdrawal, we will stop the processing in question. Note that withdrawal of consent does not affect the lawfulness of processing that happened before the withdrawal. Also, as mentioned, if you withdraw consent for core data (like health info needed for the profile), we will likely have to delete your profile and cannot continue providing the service. We will advise you of any consequences at that time.
‍

Complaints: We hope to resolve any query or concern you raise about our use of your information. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. You can contact the ICO via their website or telephone helpline. (ICO website: ico.org.uk). We encourage you to contact us first to see if we can address your concerns directly, but you are entitled to approach the ICO at any time.

Contact Us: If you have any questions about this Privacy Policy or your personal data, or if you wish to exercise any of your rights, please contact us at:
‍

• Data Controller: Health Pros Network Ltd (trading as CareTag.uk)
  
  
• Email: support@caretag.uk (for privacy enquiries, data requests, and general support)
  
  
• Contact Form: You may also reach out via our website’s contact page if available.
  
  

We will respond to inquiries as soon as possible, generally within 2 business days for support questions and within 1 month for formal data requests.

Changes to this Privacy Policy: We may update this Privacy Policy from time to time, for example to reflect changes in the law or our services. If we make significant changes, we will notify you (for instance, by email or by a notice on our site). The “last updated” date at the bottom will indicate when the latest changes were made. We encourage you to review this Policy periodically. By continuing to use the Service after an update, you acknowledge the revised Policy. However, if we plan to use your data for a new purpose that is not compatible with the original purpose, we will seek your consent where required by law.
‍

Last updated: 31st of May 2025 (This Privacy Policy is effective as of this date)