Privacy Policy

Key Summary

You are seeing this because you are either an Employee, a Companion, or someone who otherwise uses our website, downloaded our companiions App, or contacted us by any means. We want to tell you about the type of data we use, the reasons why, and how we comply with the law and your rights. We want to get this right for you, so please read our privacy notice and do not hesitate to contact us at support@companiions.com if you have any questions.

  • The main reasons for which we use your personal data is for you to register with companiions and use the app, to analyse behaviours to improve our app or websites, and to send you information about services we think you will like.

  • In order for you to register you will provide some information to complete your profile as an Employee or a Companion. When you register as a Companion we will carry out proof of identity checks for security reasons (see more details here).

  • We also use cookies and we have a separate cookies policy to tell you details about it.

  • All the information you include in your profile will be seen by the other users.

Table of Contents

About Us

What information do we collect?

Why and how do we process your personal data?

Who will have access to your personal data?

Where is your personal data?

When will we delete your personal data?

Your rights

Glossary

About Us

We are companiions Ltd ("companiions"). We are responsible for your personal data (what the law calls a "data controller") and we want to do the right thing because we respect your privacy.

We will use your data in compliance with the Data Protection Laws and will always take steps to be transparent and keep you informed of any changes.

Please read this Privacy Notice carefully as it contains important information, including:

  • Your rights 

  • Why and how we use your personal data; and

  • Who whom your information is shared.

If you have any questions, our contact details are:

Address: companiions ltd, 7 Bell Yard, London, W2CA 7JR 

Email: support@companiions.com

If you need extra help

If you would like this notice in another format (for example: audio, large print, braille) please contact us


What information do we collect?

If you are one of our Companions:

We will collect: 

  • Your name, 

  • Address, 

  • Phone number, 

  • Email address, 

  • Date of birth, 

  • ID details, 

  • Proof of ID: a copy of your passport or driving license, and a utility bill or bank statement as proof of address

  • Any other data that you include in the introduction to your profile including your profile picture

  • Emergency contact details

  • Financial information such as sort code and account number  

  • Information that you provide about what you offer as a Companion

  • Information that you provide so employees know that they can trust you and the services or activities that you offer, including copy of any DBS checks you may voluntarily upload onto the app in order to share it with employees, and

Information that we collect when we use cookies. See the details in our cookie policy.

If you are an Employee using companiions:

We will collect: 

  • Your name, 

  • Address, 

  • Phone number, 

  • Email address, 

  • Date of birth,

  • Debit or credit card,

  • Loved one’s name, date of birth, address, home entry details and conditions.

  • Any other data that you include in the introduction to your profile including your profile picture, 

  • Emergency contact details, and

  • Information that we collect when we use cookies. See the details in our cookie policy.

If you are visiting our website or if you contact us by any means:

If you contact us by any means in order to deal with your query we will collect your name, contact details and any information that you may provide that is relevant to deal with your query.

If you are visiting our website or download our App, but you do not register as a Companion or an Employee, we may collect some information about you through the use of cookies. Please see our cookie policy for more details.

Personal data about other individuals

If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf. We may ask you to confirm it otherwise if necessary before we take that information.


Why and how do we process personal data?

In this table, you can see the reasons why we use your data, and how this is legal. 

When our legal basis is “legitimate interest”, we have ensured that our legitimate interest is not overridden by your rights and freedoms. You have the right to object to the processing of your data of any of the legitimate interests identified.

If you have consented to receive marketing from us, you can opt-out at any time. See 'Your Rights’ for further information.

More Information

Purpose

Legal Basis

As part of your registration process as a companion, our systems will carry out checks using our verification partner, to confirm your identity via an ID and proof of address check. You will see the status of this check in-app.

To confirm your ID

We have a legitimate interest in providing a safe & secure environment.

To provide you with the services you have requested if you are an Employee or a Companion

Contract

We will keep this data for your records until you decide to delete it. If you include information in your profile this will be available to all users (Companions and Employee), so you are making this information publicly available. If we otherwise need to use sensitive data about you we will ask for your consent first unless we have a legal reason to use this data.

To keep records of any sensitive information (for example about your health) provided by you that you would like to keep in your profile/communications with your Companions.

Information manifestly made available.

To respond to your enquiries

We have a legitimate interest in providing a quality service

We will use your contact details to send you information by email or SMS about similar services that we think are of your interest. Also, to check whether you need anything from us. We will also send you information via email or SMS to ask about your marketing preferences. We will send you reminders and notifications to ask you if you need anything from us. If appropriate, we will ask for your consent first to send you other offers and information that might be tailored to your interests.

To send marketing communications

We have a legitimate interest in carrying out marketing actions. When required by law, we will however seek your consent.

We will use your personal data to carry out customer due diligence measures (“Know Your Client, or “KYC” checks) as required by law.

For compliance and fraud prevention

To comply with the law

We use cookies when they are necessary for the App or website to work, to monitor how users behave to improve our services and for marketing purposes. See our cookies policy for more information.

To monitor app usage to improve our services

We have a legitimate interest to analyse data in order to improve our services and for marketing purposes. Otherwise, we will ask for your consent first.

We monitor and record communications with you for the purpose of quality assurance, training, fraud prevention and compliance.

Monitoring & recording communications

Who will access your personal data?

We will disclose your personal data to:

Who information is shared with

What personal data can they see

Our IT related service providers who host and maintain our systems and operate our app

Any information that you provide when using the App.

Our verification partner to carry out checks to confirm your identity when you are a Companion.

The proof of ID information and copies of the documents that you have provided.

Third parties that provide us with services concerning the cookies we use.

See our cookies policy for more information.

If you want to know the names of our service providers, please contact us using the details at the start of this Privacy Notice.

Where is your personal data?

Transfers of your information to international organisations or out of the UK/EEA

We may need to transfer your personal data to international organisations or countries that are located outside the UK or the European Economic Area. This will usually happen when we contract services with international providers. We have taken steps to ensure that when your data is transferred elsewhere your data will be kept secure and in compliance with this policy and the data protection laws. For example, we will put in place clauses that are specifically approved to allow these transfers. Also, where we relied on companies that were Privacy Shield certified, as this is now an invalid mechanism as a result of the Court of Justice for the European Union ruling on the 16th July 2020, we are only transferring data to companies who set out appropriate Standard Contractual Clauses (SCCs) to adequately safeguard your data. If you want to know more details please contact us at contactus@companiions.com

How we keep your data secure

We strive to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. For example, we request that our services providers, where relevant, are granted with certifications such as ISO 27001. We also follow recognised industry practices for protecting our IT environment and physical facilities.

If you have any particular concerns about your information, please contact us.

When will we delete your personal data?

We will retain your data until the appropriate period detailed below expires.

How long will this be held for

Data we process

As long as your account is active, and then we will keep it for as long as we need it to comply with legal requirements or in relation to claims.

Profile information

As long as your account is active, and then we will keep it for as long as we need it to comply with legal requirements or in relation to claims.

Visit history, payment information

As long as your account is active, and then we will keep it for as long as we need it to comply with legal requirements or in relation to claims.

Contact details and that of loved ones

Your rights

You have the following rights:

The right of access to personal data relating to you;

  • The right to correct any mistakes in your information;

  • The right to ask us to stop contacting you with direct marketing;

  • rights in relation to automated decision making;

  • The right to restrict or prevent your personal data being processed;

  • The right to have your personal data ported to another data controller (e.g. if you decide to contract with a different service provider); and

  • The right to erasure.

These rights are explained in more detail below, but if you have any comments, concerns or complaints about the use of your personal data by us, please contact us (please refer to section "How to contact us").

We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex, in which case we will respond within three months.

Some of these rights are limited depending on the circumstances. If this happens and we cannot exercise your right as you request, we will inform you of the reasons why.

Right to access personal data relating to you

You may ask to see what personal data we hold about you and be provided with:

  • A copy;

  • Details of the purpose for which it is being or is to be processed; 

  • Details of the recipients or classes of recipients to whom it is or may be disclosed, including if they are overseas and what protections are used for those oversea transfers; 

  • The period for which it is held (or the criteria we use to determine how long it is held); 

  • Any information available about the source of that data; and

  • Whether we carry out any automated decision-making, or profiling, and where we do information about the logic involved and the envisaged outcome or consequences of that decision or profiling.

To help us find the information easily, please provide us as much information as possible about the type of information you would like to see.

Right to correct any mistakes in your information

You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:

  • Contact us

  • Let us have enough information to identify you (eg account number, Employee name, registration details), and

  • Let us know the information that is incorrect and what it should be replaced with.

Right to ask us to stop contacting you with direct marketing

You can ask us to stop contacting you by email with marketing materials. If you would like to do this, please:

  • Contact us

  • Or you can also click on the ‘unsubscribe’ button at the bottom of any email. 

  • Provide us with details of your preferred method of contact for us to respond to this request.

Rights in relation to automated decision making

You may ask us to ensure that, if we are evaluating you we don’t base any decisions solely on an automated process and to have any decision reviewed by a member of our staff.

This right will not apply in all circumstances, for example, where the decision is authorised or required by law and steps have been taken to safeguard your interests.

Right to prevent the processing of personal data

You may request that we stop processing your personal data temporarily if:

  • You do not think that your data is accurate. We will start processing again once we have checked whether or not it is accurate;

  • The processing is unlawful but you do not want us to erase your data;

  • We no longer need the personal data for our processing, but you need the data to establish, exercise or defend legal claims; or

  • You have objected to processing because you believe that your interests should override our legitimate interests.

Copies of your personal data (data portability)

You may ask for an electronic copy of your personal data which we hold electronically and which we process when we have entered into a contract with you. You can also ask us to provide this directly to another party.

Right to erasure

You can ask us to erase your personal data where:

  • You do not believe that we need your data in order to process it for the purposes set out in this Privacy Notice;

  • If you had given us consent to process your data, you withdraw that consent and we cannot otherwise legally process your data; 

  • You object to our processing and we do not have any legitimate interests that mean we can continue to process your data; or

  • Your data has been processed unlawfully or have not been erased when it should have been.

Complaints to the regulator

It is important that you ensure you have read this Privacy Notice - and if you do not think that we have processed your data in accordance with this notice or the data protection laws we would like to hear from you as soon as possible. Otherwise, you have the right to complain at any time to the Information Commissioner's Office. Information about how to do this is available on his website at www.ico.org.uk.

Glossary

This means any information from which a living individual can be identified. This will include information such as names, e-mail addresses and telephone numbers. It will also cover information which on its own does not identify someone but which would identify them if put together with other information which we have or are likely to have in the future.

Personal data, or data

This means any information relating to: racial or ethnic origin; political opinions; religious beliefs or beliefs of a similar nature; trade union membership; physical or mental health or condition; sexual life; genetic data or biometric data for the purpose of uniquely identifying you; or offences or alleged offences or information relating to any offences committed or allegedly committed.

Sensitive personal data, sensitive data, or special categories of data

This covers virtually anything anyone can do with personal data, including: obtaining, recording, retrieving, consulting or holding it; organising, adapting or altering it; disclosing, disseminating or otherwise making it available; and aligning, blocking, erasing or destroying it.

Processing

The person to whom the Personal Data relates.

Data subject

The UK Information Commissioner is responsible for implementing, overseeing and enforcing the Data Protection Laws.

Information commissioner

This means any person who determines the purposes for which, and the manner in which, any Personal Data are processed.

Data controller

This means any person who processes the Personal Data on behalf of the data controller.

Data processor

This means the laws which govern the handling of data. This includes the General Data Protection Regulation (EU) 2016/679 (known as GDPR) and any other national laws implementing that Regulation or related to data protection.

Data protection laws

Your employer or company

Your name and service usage ie. number of hours used, for tax processing purposes and monthly reporting purposes