CareNotes

← Back to Sign In

Your privacy matters

Last updated: April 8, 2025 · Widelink Technologies

CareNotes is operated by Widelink Technologies. This policy explains what personal data we collect, why we collect it, how long we keep it, and how you can request its deletion. By using CareNotes, you agree to the practices described in this policy.

1. What Data We Collect

We collect only the data necessary to operate the CareNotes platform on behalf of your agency:

▸

Account information — your name, email address, and role within your agency.

▸

Service and care records — documentation created by staff in the course of providing support services.

▸

Individual (client) information — names and identifiers managed by your agency. We do not collect dates of birth.

▸

Staff information — names, contact details, roles, and professional certifications.

▸

Session information — limited technical data used to keep your account secure while you are signed in.

▸

Audit activity — a record of key actions taken within the platform for accountability and compliance purposes.

▸

Notification preferences — your chosen settings for alerts and reminders.

We do not collect payment information, dates of birth, or sensitive personal data beyond what is necessary for care documentation. We do not use your data for advertising or share it with third parties for commercial purposes.

2. How We Use Your Data

Data is collected and used solely to provide the CareNotes service:

▸

To enable care documentation, scheduling, compliance tracking, and reporting.

▸

To keep your account secure and prevent unauthorised access.

▸

To send operational notifications such as record approvals and compliance reminders.

▸

To maintain an audit trail for compliance and regulatory purposes.

▸

To respond to support requests and resolve technical issues.

3. How Long We Keep Your Data

We retain your data only for as long as necessary to provide the service and meet our legal obligations:

▸

Care records and service documentation are retained for up to 7 years to meet regulatory and audit requirements applicable to care agencies.

▸

User account information is retained while your account is active and for a reasonable period after deactivation to allow for recovery.

▸

Session data is automatically expired and removed on a short rolling basis.

▸

Audit activity records are retained for up to 3 years.

▸

Notifications and system alerts are automatically cleared on a rolling basis.

Records that are deleted within the app may be retained in a recoverable state for a short period before permanent removal, to protect against accidental deletion.

4. How We Protect Your Data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. All data is transmitted over encrypted connections. Access to personal data is restricted to authorised personnel only, and all actions within the platform are logged for accountability.

We recommend that all users enable multi-factor authentication (MFA) for additional account security.

5. Your Rights

You have the following rights regarding your personal data:

▸

Right to access — you can request a copy of the personal data we hold about you.

▸

Right to correction — you can update your name and email address from your profile settings at any time.

▸

Right to deletion — you or your agency can request deletion of your data as described in Section 6.

▸

Right to restriction — you can ask us to stop processing your data in certain circumstances.

Agency administrators are responsible for managing data on behalf of their organisation. Requests relating to client records or staff data should first be directed to your agency administrator.

6. Deleting Your Data

You have the right to request deletion of your account and personal data at any time. There are two ways to do this:

▸

In-app — go to Settings → Profile and submit a deletion request directly. Your request will be reviewed and actioned by our support team.

▸

By email — send a request to [email protected] from the email address linked to your account, including your name and agency name. Our team will respond within 10 business days.

Once a deletion request is approved, your account credentials and personal profile will be permanently removed. Care records and documentation you authored may be retained in an anonymised form where required for regulatory compliance.

Agency administrators may request full deletion of their agency's data by contacting our support team directly. Following account closure, agency data is held for a short retention period before permanent deletion in line with Section 3.

7. Cookies & Browser Storage

CareNotes uses cookies and browser storage solely to operate the platform. We use essential session cookies to keep you securely signed in, and local browser storage to remember your display preferences. We do not use advertising cookies, tracking pixels, or any third-party analytics services.

8. Changes to This Policy

We may update this policy from time to time. When significant changes are made, agency administrators will be notified via an in-app announcement. The "Last updated" date at the top of this page will always reflect the most recent revision. Continued use of CareNotes after an update constitutes acceptance of the revised policy.

Contact Us

For privacy enquiries, data access requests, or account deletion, contact us at: [email protected]
Or visit: widelinktech.com/contact-us