We are Birdie Care Services Ltd, registered at Companies House under number 10863579.
St James House, 13 Kensington Square, London, United Kingdom, W8 5HD
Our Data Protection Officer can be reached by emailing dpo@birdie.care.
Birdie Care Services plays a dual role when it comes to processing. In some situations, we act as a Controller, in others we are the Processor. When we are a Processor of personal data, we are doing so purely on the instruction of another company (the Controller). If you are a patient or healthcare professional, then that company is likely to be the care provider. To find out more about how your data is protected by them, you should contact them directly.
We are registered with the ICO as a fee payer because we have chosen to appoint a Data Protection Officer. We have a Data Protection Officer because we process a lot of sensitive data on behalf of other companies and we want to ensure that we are protecting your rights and freedoms at all times, in the course of our day to day activities.
Birdie Care Services, does on occasion, act as a Controller. This is only for the data that we process for our day to day internal business operations, as well any technical data that is collected by our app.
We only collect the data that we need to carry out a task and do not keep data longer than is necessary. We delete data when it is no longer required for the purpose that we collected it.
This privacy notice refers to the data we process as a Controller only.
We are happy to talk to you about how we process and protect data, just email us dpo@birdie.care.
To see more about how we use your personal data, read the notice or notices which apply best to your relationship with us:
I am an employee of Birdie Care Services Ltd
I am a corporate client (Care Agency)
I am a potential corporate client (Care Agency)
I am a Dementia Support Service User
As a corporate client, we hold the contact and payment details required to carry out our contract with you, manage our relationship and keep you up to date with changes and improvements to our services. This data would have been sourced from you directly.
Our lawful basis for processing your data is a combination of Contract and Legitimate Interest. We use legitimate interest when we use your data to keep you up to date with changes and improvements to our goods and services. Results of a legitimate interest balancing test indicate that this use is pursuing a legitimate interest, is necessary for the purpose of keeping you updated and growing our business, and unlikely to cause you risk or harm.
Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.
We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.
We hold data on Corporate Clients for the length of time that you are a client of ours, then another 7 years in case of any dispute.
All data is password protected, access controlled, backed up securely and encrypted when appropriate.
All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.
Data Privacy by Design and Default is an integral part of our development processes.
All devices are protected by a leading enterprise mobility management technology
You have rights in respect of our processing of your personal data. The relevant rights are:
If you want to exercise any of these rights, please just contact us on dpo@birdie.care
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/
If you are an employee of Birdie Care Services Ltd, please refer to the Fair Processing Notice that is stored in the Employee Handbook.
As a potential client, we hold your name, job title and corporate contact details so we can build a relationship with you. This data will have been sourced directly from you at an event, or from your company website or a similar publicly available source. We only hold your data if we legitimately think you will have an interest in using our product.
Our lawful basis for processing your data is a Legitimate Interest for marketing purposes. As you are a corporate entity, we also abide by the Privacy and Electronic Communications Regulations (PECR). We give you the change to opt out of all marketing on anything that we send you. We only share details of our own goods and services in our marketing.
If your data was not sourced directly from you, then we contact you once we have the data to let you know that we have your data and give you the chance to opt out.
Our legitimate interest balancing test indicates that this is a legitimate purpose: you would not be surprised to hear from us based on the nature of your job role, and our processing does not cause any harm or risk to you as a data subject.
Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.
We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.
We hold data on Potential Corporate Clients for as long as we think you are likely to be interested in our goods and services, or until the point at which you opt out of communications. At this point you are added to a suppression list so we do not contact you again.
When you become a Corporate Client, then the privacy Notice for Corporate Clients will apply.
All data is password protected, access controlled, backed up securely and encrypted when appropriate.
All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.
Data Privacy by Design and Default is an integral part of our development processes.
All devices are protected by a leading enterprise mobility management technology
You have rights in respect of our processing of your personal data. The relevant rights are:
If you want to exercise any of these rights, please just contact us on dpo@birdie.care
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/
As an app user, you provide some data to enter into a contract with us. This will be your contact details. We also process data about the way you use our app, including your IP address and browsing time. This helps us to optimise the performance of our app, monitor it for security purposes and drive improvements for our users.
Our lawful basis for processing your data is a combination of Contract, Legitimate Interest and Consent. We use your contact details to provide you with the app and the appropriate technical support as needed; this is our contract with you. We use legitimate interest when we use your data to improve the performance of the app, process your data for marketing purposes, and protect it from illegal use. Results of a legitimate interest balancing test indicate that this use is pursuing a legitimate interest, and unlikely to cause you risk or harm.
When we send marketing messages to you, we rely on consent under Privacy and Electronic Communications Regulations (PECR). This consent is collected via the app. We are aware that as an employee of a corporate subscriber, we could send marketing messages without consent. However, we feel that consent is a better option for you in this instance. You can withdraw this consent at any time.
Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.
We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.
We hold data used to fulfil the contract for 12 months after the termination of the contract.
We delete log data 12 months after you cease using the app.
We remove you from our marketing database, onto a suppression list, when you opt out of receiving communications from us.
All data is password protected, access controlled, backed up securely and encrypted when appropriate.
All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.
Data Privacy by Design and Default is an integral part of our development processes.
All devices are protected by a leading enterprise mobility management technology
You have rights in respect of our processing of your personal data. The relevant rights are:
If you want to exercise any of these rights, please just contact us on dpo@birdie.care
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/
When you browse our website we drop only essential cookies that make our site work. We do not currently use any analytics or tracking cookies.
If you submit data into the forms on our website to request a demo or further information then we process your name, address, agency you work for and your phone number only for the purposes that you have provided it for. The lawful basis for processing this data is contract, you have supplied information with a view to us offering you a service.
Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.
We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.
All data is password protected, access controlled, backed up securely and encrypted when appropriate.
All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.
Data Privacy by Design and Default is an integral part of our development processes.
All devices are protected by a leading enterprise mobility management technology
You have rights in respect of our processing of your personal data. The relevant rights are:
If you want to exercise any of these rights, please just contact us on dpo@birdie.care
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/
As a Dementia Support Service user, you provide some data to enter into a contract with us. This will be your contact details. We store details about consultations we have had with you, to ensure a consistent and reliable service. We also process data about the way you use our app, including your IP address and browsing time. This helps us to optimise the performance of our app, monitor it for security purposes and drive improvements for our users.
Our lawful basis for processing your data is a combination of Contract, Legitimate Interest and Consent. We use your contact details to provide you with the app, the service capability and the appropriate technical support as needed; this is our contract with you. We use legitimate interest when we use your data to improve the performance of the app, and protect it from illegal use. Results of a legitimate interest balancing test indicate that this use is pursuing a legitimate interest, and unlikely to cause you risk or harm. We also rely on legitimate interest to store information about the consultations we have with you. Where this contains any special category data, we process this data because we provide social care to you are as a care provider.
Like most companies, we use a number of third parties as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield.
We do not sell your data to anybody and we do not share it with anyone other than our contracted processors.
We hold data used to fulfill the contract for 12 months after the termination of the contract.
We delete log data 12 months after you cease using the app.
All data is password protected, access controlled, backed up securely and encrypted when appropriate.
All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects.
Data Privacy by Design and Default is an integral part of our development processes.
All devices are protected by a leading enterprise mobility management technology
You have rights in respect of our processing of your personal data. The relevant rights are:
If you want to exercise any of these rights, please just contact us on dpo@birdie.care
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/