Privacy Notice

Anchorapp LTD
Version: July 2025

1. Introduction

Anchorapp is a cloud-based care planning platform supporting care organisations in delivering high-quality, compliant care. As part of this service, we process personal data of platform users and, in some cases, their service users (such as residents or clients).

We are committed to transparency, and this notice outlines what data we collect, how we use it, and your rights under data protection laws.

Contact us anytime at privacy@anchorapp.co.uk or visit anchorapp.co.uk/privacy.

2. Users of Anchorapp (Care Providers / Registered Users)

We collect the following personal data to operate the Anchorapp platform:

  • User details: full name, job role, email, phone, and work address
  • Login & usage data: IP address, access times, and feature usage
  • Support communications: messages or tickets submitted to our team
  • Payment/invoice info (if applicable)

Passwords are securely encrypted and never stored in plain text.

Why do we collect this?
  • To give secure access to the platform
  • To support you and improve our services
  • To comply with legal or regulatory obligations

We process data based on: contractual necessity, legitimate interest, and legal obligation.

3. Care Recipients' Data (Service Users)

Anchorapp allows care providers to enter and manage sensitive data about the people they support. This includes:

  • Basic details: name, date of birth, address
  • Special category data: health conditions, assessments, medications, etc.
  • Contacts: next of kin, GP, social worker

In this context, Anchorapp acts as a Data Processor, not the Data Controller. Data is processed only under instruction and protected under a signed Data Processing Agreement.

4. Friends and Relatives of Service Users

Next of kin or emergency contacts may be added by care providers. Anchorapp does not collect this data directly and processes it only under the customer’s instruction.

To exercise your rights related to this data, please contact the relevant care provider.

5. Data Hosting and Security

Your data is hosted securely in the UK or EEA using cloud providers that meet ISO 27001 or SOC 2 standards. We use robust encryption, access controls, and backup procedures to protect your information.

6. Retention and Deletion

We retain data only as long as needed:

  • User accounts & activity: kept while the contract is active
  • Post-termination: data retained for up to 90 days (for transition/export), then deleted
  • Legal/billing records: retained up to 6 years

All deletions follow the Records Management Code of Practice and our internal policy.

7. Cookies and Website Data

When you use our website, we may collect:

  • IP address, browser type, referral source, pages visited

We use this for analytics and performance monitoring. See our Cookie Policy for details.

8. Your Rights

You have rights under UK GDPR:

  1. Access – Request your personal data
  2. Correction – Fix inaccurate data
  3. Erasure – Ask for data deletion (with limits)
  4. Restriction – Limit data processing in certain cases
  5. Objection – Object to processing under legitimate interest
  6. Portability – Get your data in a machine-readable format
  7. Withdraw consent – If applicable, you may withdraw your consent anytime

To make a request, email privacy@anchorapp.io. We may ask for identity verification.

9. Complaints

If you're unhappy with how we handle your data, you can contact us or reach out to the Information Commissioner’s Office (ICO):

ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
📞 0303 123 1113
🌐 ico.org.uk