Privacy Policy for Individuals

Privacy Policy (Individual Users)

Last updated: 21 September 2025Who we are: CareTag.uk is operated by Health Pros Network Ltd (Company No. 15970093), registered in England and Wales (“we”, “us”, “our”). This policy explains how we handle your personal data under the UK GDPR and Data Protection Act 2018.

Quick summary

  • We store essential emergency profile data you give us (including health info) so first responders can help you fast.
  • Profiles are accessible via a unique, non-indexed link (and NFC/QR on your tag).
  • Emergency contact is required.
  • Data is hosted in the UK (London) on Google Cloud/Firebase, encrypted at rest and in transit.
  • You control your data: request and update or delete at any time by contacting support@caretag.uk
  • If you lose your tag, email support@caretag.uk and we’ll deactivate within 24 hours (usually much faster).

What we collect

Identity & basics

  • First and last name; city/town; year of birth (or DOB if you choose to provide it).
  • Email address (for receipts, support, renewals).

Emergency contact (required)

  • Name, relationship and phone number of your emergency contact. You confirm they agree to be listed.

Health (special category) data

  • Conditions, allergies, medications/devices, language(s), “other information” you choose to show on your public-by-link profile.
  • We only process this with your explicit consent for emergency use.

Media

  • Optional profile photo (stored in Firebase Storage).

Technical & security data

  • Basic logs (e.g., IP address, user-agent, timestamps) for security and troubleshooting. No ad tracking.

How we use your data (and legal bases)

  1. Provide your emergency profile (contract + explicit consent for health data)
    • Host and display your profile via a unique token link (and NFC).
    • Show only the fields you provided.
  3. Emergency access & contact (explicit consent; vital interests for life-threatening situations)
    • Anyone with the unique link (e.g., first responders) can view your profile.
    • Your emergency contact may be called by first responders/clinical staff in urgent situations, or a bystander assisting in an obvious emergency.
  5. Support, renewals, service updates (contract/legitimate interests)
    • Purchase confirmations, renewal reminders, service messages, and help requests.
  7. Payments (contract/legal obligation)
    • Process payments via Stripe; we don’t see or store your card details.
  9. Security & compliance (legal obligation/legitimate interests)
    • Prevent abuse, keep audit trails, meet legal record-keeping duties.

We do not use your data for automated decision-making or behavioural profiling.

Public-by-link access

  • Your profile is intentionally accessible to anyone with the unique URL (and the NFC that encodes it) so emergency responders can view it quickly.
  • URLs are long and random; the /p/ pages use noindex and security headers to avoid search discovery.
  • Do not post your profile link publicly. If a link or tag is exposed, ask us to deactivate the token and we’ll help you rotate to a new one.

Where we store and process data

  • Primary hosting: Google Firebase / Google Cloud Platform (GCP), London region (europe-west2). Data is encrypted at rest and in transit.
  • Some processors may process limited data outside the UK/EEA. Where that happens, we use UK Addendum to the EU SCCs or other approved safeguards.

Who we share data with (processors)

We don’t sell your data. We use trusted processors under contracts that require UK GDPR compliance:

  • Google Firebase / GCP – database (Firestore), hosting, storage (profile photos), security logging. Primary hosting in London (UK); Google’s global support infrastructure may involve limited, safeguarded transfers. Privacy: policies.google.com/privacy
  • Stripe – payment processing (we receive transaction metadata only; no card numbers). Privacy: stripe.com/gb/privacy
  • Typeform (if used for onboarding forms) – collects your submission and passes it into our system. EU-hosted with safeguarded transfers if applicable. Privacy: admin.typeform.com/to/dwk6gt
  • Email delivery (e.g., transactional mail provider or Google Workspace) – sends receipts, renewals, and support replies.

If required by law (e.g., a valid court order), we may disclose data to authorities.

Retention

  • Profile data: kept for the active subscription period. If not renewed, we delete within 30 days after expiry.
  • Emergency contact: deleted with the profile.
  • Payments & invoices: retained 6 years (legal/tax).
  • Support emails: normally up to 24 months.
  • Security logs: typically 30–90 days, then purged.
  • Backups roll off per secure rotation; deleted data isn’t restored from backups.

You can also request deletion at any time (see Your rights).

Security

  • Encryption: HTTPS/TLS in transit; server-side encryption at rest.
  • Access control: least privilege for staff, MFA on admin accounts.
  • Headers & indexing: noindex, nofollow, no-referrer, and appropriate cache controls on profile pages.
  • Token design: long, random, unguessable; quick deactivation on report of loss.
  • Policies & response: breach response plan; we’ll notify you and the ICO where legally required.

Lost tag / token deactivation

Email support@caretag.uk with subject “Lost tag – deactivate” and the name on the profile.

  • We will deactivate within 24 hours (usually much faster).
  • We can issue a new token/URL and help you re-programme your  NFC.

Your rights (UK GDPR)

You can: access, correct, delete, restrict, object (where applicable), and port your data.

  • To withdraw consent (for health data) or request any right, email support@caretag.uk with the relevant request (e.g., “Withdraw Consent”, “Delete Profile”).
  • We respond within one month (may extend by two months for complex requests).
  • If you withdraw consent for health data, we’ll deactivate and delete the profile (the service can’t operate without that processing).

Lawful bases we rely on

  • Contract (Art. 6(1)(b)): providing your profile, support, renewals.
  • Consent (explicit) (Art. 9(2)(a)): processing and displaying health data on your public-by-link profile.
  • Legitimate interests (Art. 6(1)(f)): service safety, reminders, contacting emergency contact in an obvious emergency.
  • Vital interests (Art. 6(1)(d) / Art. 9(2)(c)): where necessary to protect life.
  • Legal obligation (Art. 6(1)(c)): tax records, lawful disclosures.

International transfers

Where a processor stores or accesses data outside the UK/EEA, we use approved safeguards (e.g., SCCs with the UK Addendum) and assess whether additional measures are needed.

Children’s data

  • Profiles for under-18s must be created by a parent/guardian.
  • For under-13s, we rely on parental consent.
  • Parents/guardians can exercise the child’s rights or request deletion at any time.

Complaints

You can complain to the ICO at ico.org.uk. Please also contact us first so we can try to resolve your concern quickly.

Contact

Data Controller: Health Pros Network Ltd (trading as CareTag.uk)Email: support@caretag.uk (privacy requests, support)

Changes to this policy

We’ll post updates here and may notify you by email or in-product notice for material changes. If we change how we use your data in a way that requires consent, we’ll ask you first.

Consent statement (for onboarding forms)

By submitting your profile, you give explicit consent for CareTag.uk to process and display your health information on a public-by-link profile for emergency use. You confirm your emergency contact agrees to be listed. You can withdraw consent at any time by emailing support@caretag.uk, which will deactivate and delete your profile.

Copyright 2025 | Health Pros Network Ltd t/a CareTag Company number: 15970093
For Organisations
Sectors SupportedPricing GuideHow it WorksContact
Other
Privacy Policy Terms & ConditionsBlog