Privacy Policy

This page explains the terms and conditions by which you may use our Mobile Applications (as defined below) and any and all related websites, online and/or mobile services, and software (collectively, the “Service”) owned and operated by Poonyah Care Ltd (“Poonyah”, “we”, “our”, or “us”).

Poonyah Care Limited has its registered office at Poonyah Care Ltd, 124 The Vale, Golders Green NW11 8SL By downloading, accessing or using the Service, or by clicking a button or checking a box marked “I Agree” (or something similar), you signify that you have read, understood, and agree to be bound by these Terms of Service (this “Agreement”) and to the collection and use of your information as set forth in our Privacy Policy, whether or not you are a registered user of our Service. Poonyah reserves the right to modify these terms and will provide notice of these changes as described below.

This Agreement applies to all visitors, users, and others who access the Service (“Users”). Please read this Agreement carefully to ensure that you understand each provision. For the purposes of Data Protection Legislation (as defined below) Poonyah Care Limited is the data controller. References to “Poonyah”, “we”, “us” or “our” are references to Poonyah Care Limited. We take the privacy of your information very seriously.

This privacy policy explains how we collect and use your personal information in connection with the provision of care services including:

● through your use of our Website and mobile apps or any Poonyah application that we make available from time to time or by contacting us via any means including through our Website live chat, Facebook, by email or phone;

● by being a user (“Service User“) or prospective Service User of our care services including but not limited to: On Demand Care, Elderly Care, Palliative Care, Live-in Care, Dementia Care and Private Nursing (our “Services“);

● by being a person(s) arranging the care for and on behalf of a Service User (“Client“);

● by being next of kin to a Service User or prospective Service user of our Services; or ● by interacting with our content and/or services including by applying to be one of our carers or employees.

This policy also applies to information held about suppliers and possible future suppliers, contacts and all other people we hold information about. This policy does not apply to our employees or carers. References to “you” are references to any natural person excluding any of our employees data but including any users, or prospective of our care homes, any users’ next of kin, any person accessing this Website. Please read this privacy policy carefully.

Definitions and interpretation

In this privacy policy, the following definitions are used:

“Data Protection Legislation” the EU General Data Protection Regulation 2016/679; together with all other applicable legislation relating to privacy or data protection and including any statute or statutory provision which amends, extends, consolidates or replaces the same. The terms “personal data”, “data subject”, “controller”, “processor” ,“process” (and its derivatives) and “special categories of personal data” shall have the meanings given to them in the Data Protection Legislation; “Cookies” a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies); “UK and EU Cookie Law” the Privacy and Electronic Communications (EC Directive) Regulation 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011;

What information we collect

From our Website users / people who contact us via the Website, we may collect the following types of personal information (personal data) about you when you use the Website or when you correspond with us (for example, by email) for any reason:

  • Your personal information collected when using our Website chat service including your name and chat history;
  • IP address (automatically collected)
  • Web browser type and version (automatically collected)
  • Contact information such as address, email addresses and telephone numbers;
  • Operating system (automatically collected)
  • A list of URLs starting with a referring site, your activity on this Website, and the site you exit to (automatically collected)

    From our Service Users and prospective Service Users, we may collect the following types of personal information (personal data) about you as one of our Service Users, or prospective Service Users, in order to provide you with the Services:

  • Personal details of Service User: name, address and telephone number along with photo ID;
  • A photograph of the Service User;
  • Condition of a Service User’s home;
  • Religious and cultural beliefs;
  • Next of kin, and their contact details;
  • Completed Herbert Protocol form (for Service Users with dementia);
  • House entry instructions including: directions, access to a Service User’s property and key codes for the same;
  • Personal medical information including past medical history, medication requirements, or whether the Client has capacity to make decisions;
  • Care plans;
  • A Service User’s care preferences, including whether carer’s are permitted to where footwear in a Service User’s home, details of a Service User’s pets, favourite activities, dietary requirements,
  • Financial information such as credit/debit card numbers;
  • Continuous reviews.

    The personal data we collect may also include so called ‘sensitive’ or ‘special categories’ of personal data, such as details about your health or ethnic origin. Where required to by Data Protection Legislation, we will seek separate permission from you in writing to process these special categories of personal data.

    From our clients or next of kin of Service Users, we may collect the following types of personal information (personal data) about you, as our Client:

  • Personal details of our Client: name, address and telephone number along with photo ID;
  • Nature of their relationship with a Service User;
  • Financial information such as credit/debit card numbers.

    From applicants to Poonyah Care, we may collect the following types of personal information (personal data) about you in connection with applying to be an employee or carer for Poonyah:

  • your name and date of birth;
  • your home address and contact details (including your mobile telephone number and email address),
  • your educational (including what training courses you have completed) and professional qualifications, your right to work, visa status, employment status; and
  • your experience in providing care in a professional capacity;
  • what training courses you have completed;
  • the type of care you are interested in providing;
  • any other information about you that you disclose to us during the application process including your CV; and
  • details of how you heard about Poonyah Care.

    Purposes of processing and use of your personal information

    Any or all of the above types of personal data may be required by us from time to time in order to provide you with the best possible services and experience when using our Website or otherwise when providing our Services. Generally, personal data may be used by us for the following reasons:

  • internal record keeping;
  • consider your application where you have applied for a position with us
  • improvement of our products/services;
  • data analytics;
  • carry out our obligations arising from any agreements entered into between you and us;
  • communicate with you;
  • administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • transmission by email of promotional materials that may be of interest to you (where we have the right to do so).

    In each case, in accordance with this privacy policy and Data Protection Legislation.

    Specifically, Service User and Client personal data may be used for the following reasons: 

  • to contact the Client and/or Service User and attend their address to give care;
  • to deliver quality care to the Service User;
  • to take payment and grant refunds;
  • to carry out data analytics including but not limited to predictive health analytics;
  • to assist care workers, partner agencies and the police if the person it refers a Service User goes missing;
  • to allow our carers access to a Service User’s property;
  • to liaise with those designated to assist in care needs, or people who have power of attorney, to help with care delivery;
  • to conducts periodic reviews, phone calls, spot checks, management visits, medication supervisions, and satisfaction surveys to ensure ongoing quality care delivery.
  • How your data is stored with us
      1. We take data privacy to higher standards so your data will be split into two dataset categories:
        1. First dataset will include your personal and identifiable data, that could be traced back to you. We only keep this part of the data within your consent and the terms of this policy.
        2. Second dataset will include your medical data, figures and numbers in other terms, that are non-identifiable and no one including our team will be able to trace that data back to you without the link to the first dataset
        3. The first dataset will generate a unique user ID that will link your personal information with the medical information.
      2. According to this policy, when the time comes for data deletion, we will permanently delete the data from the first dataset, therefore eliminating the chances of linking the medical data in the second dataset on our servers to you. In other terms, after your identifiable information is deleted, we will know that someone of the age of X with a Heart Rate of Y had a Blood glucose of Z, although we will have no idea who this data is linked to.
  • Legal basis for processing

    Our processing of your personal data is necessary:

    (i) for the performance of contracts to which you will be a party and in order to take steps at your request prior to you entering into those contracts;

    (ii) where required by a legal or regulatory obligation; and

    (iii) for the purposes of legitimate interests pursued by us.

    We will only process special categories of personal information such as information about your health if such processing is necessary for the provision of health or social care or treatment or the management of health or social care systems and services or by obtaining specific consent from you at the time we collect it.

    If you completed the Data Protection Consent Form appended to the Poonyah Terms and Conditions you will have provided consent in accordance with Data Protection Legislation to the processing by Poonyah of your special categories of personal data.

    Legitimate interests

    Where our processing is based on the legitimate interest grounds described above, those legitimate interests are:

    (i) collecting personal information to provide you with a smooth and efficient customer experience;

    (ii) running our business;

    (iii) to provide the products and services you have requested;

    (iv) to prevent fraud; and

    (v) for our own marketing, research and service development.

    Disclosure of your personal information

    Except as expressly set out in this privacy policy we do not share, sell, or lease personal information about you to any third parties for their marketing use.

    However, we share your information with the following categories of companies as an essential part of being able to provide our products and services to you, as set out in this privacy policy:

    1. Professional service providers, such as marketing agencies, advertising partners and website hosts who help us run our business;

    2. Credit reference agencies, law enforcement and fraud prevention agencies, so that we can help tackle fraud and otherwise conduct background checks;

    3. Companies approved by you, such as social media sites (if you choose to link your accounts to us);

    4. Other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity.

    Transferring data outside of the EEA

    Your personal information may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“) and may also be processed by staff operating outside the EEA who work for us, or for one of our service providers.

    When we, or our permitted third parties, transfer your information outside the European Economic Area, we or they will impose contractual obligations on the recipients of that data to protect your information to the standard required in the European Economic Area. We or they may also require the recipient to subscribe to international frameworks intended to enable secure data sharing.

    In the case of transfers by us, we may also transfer your information where:

    (i) the transfer is to a country deemed by the European Commission to provide adequate protection of your information; or

    (ii) where you have consented to the transfer.

    How long will we keep your information?

    • If you no longer use our platform, after 12 months of being idle, we will remove your identifiable personal data from all of our servers and only keep anonymised data that will no longer allow anyone to trace back the individual linked to it initially. 
    • We will only keep the information we collect about you for as long as required for the purposes set out above or as required to comply with any legal obligations to which we are subject, unless you request its deletion or you are idle for 12 consecutive months. While you are using our platform and we have your consent, we will be using your data in order to review our files to check that the information is accurate, up-to-date and still required.
    • Where we are permitted to send you direct marketing communications we may retain your contact information necessary for this purpose, (provided that you have consented to receiving them) for as long as you do not unsubscribe from receiving the same from us.

    • Data Deletion
    • If you request so, we will delete your data right after you have requested it from our apps. Because we use sophisticated and secured data storage system, your personal data will be deleted instantly from our UK servers but it will take up to two months to be deleted from our backup servers. After that period, your personal data will no longer rest on any of our servers.

        Liquidation or Dissolution

        At Poonyah Care we are conscious that our primary aim is to deliver, to our Clients and Service Users, outstanding, safe, effective, caring, responsive, well-led and person-centered care.

        If for whatever reason Poonya Care was no longer operational either by dissolution or in liquidation, personal data retained would be escrowed appropriately and ring-fenced to ensure its safe retention for the purpose of any administrative process.

        Your rights

        You have a number of rights concerning the way that we use your information. At any time, you have the right to:

        1. be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from whom it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);

        2. request access to or a copy of any personal data we hold about you;

        3. request the rectification of your personal data, if you consider that it is inaccurate;

        4. request the erasure of your personal data, if you consider that we do not have the right to hold it;

        5. object to your personal data being processed for a particular purpose or to request that we stop using your information;

        6. request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data;

        7. ask us to transfer a copy of your personal data to you or to another service provider or third party where technically feasible; and

        8. ask us to stop or start sending you marketing messages at any time by using the below contact details.

        Requests to exercise these rights should be made in writing to we will respond within a within a reasonable period or in accordance with any statutory time limits contained in Data Protection Legislation.


        1. You also have the option of “unsubscribing” from our mailing list for email news alerts and updates at any time, thereby disabling any further such email communication from being sent to you, by clicking the link at the bottom of the email.

        2. Alternatively, you can send an email to with the word ‘remove’ in the subject line and the email address that you wish to be removed within the email. In addition, each electronic mailing we send you will contain details of how you can unsubscribe.

        Automated processing

        We do not carry out automated decision-making or profiling in relation to your personal information.

        Third party websites and services

        1. Poonyah may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. The providers of such services have access to certain personal data provided by Users of this Website.

        2. Any personal data used by such parties is used only to the extent required by them to perform the services that we request. Any use for other purposes is strictly prohibited. Furthermore, any personal data that is processed by third parties will be processed within the terms of this privacy policy and in accordance with Data Protection Legislation.

        Links to other websites

        1. This Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.


        1. Data security is of great importance to Poonyah and to protect your personal data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your personal data.

        2. If password access is required for certain parts of the Website, you are responsible for keeping this password confidential.

        3. We endeavour to do our best to protect your personal data. However, transmission of information over the internet is not entirely secure and is done at your own risk. We cannot ensure the security of your personal data transmitted to the Website.


        1. This Website may place and access certain Cookies on your computer. We use Cookies to improve your experience of using the Website and to improve our range of services. Poonyah Care has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times.

        2. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.

        3. Before the Website places Cookies on your computer, you will be presented with a pop-up requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling Poonyah to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.

        Type of Cookie

        This Website may place the following Cookies:

        Strictly necessary cookies – These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

        Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.

        Functionality cookies – These are sued to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

        Targeting cookies – These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

        1. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.

        2. You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.

        3. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.


        1. You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.

        2. If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

        3. Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other right or remedy.

        4. This privacy policy is governed by and interpreted according to English law. All disputes arising under this privacy policy are subject to the exclusive jurisdiction of the English courts.

        Changes to this privacy policy

        1. We may change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website.

        2. You are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations. If you do not accept the changes made to this privacy policy you should immediately stop using the Website.

        Contacting us and complaints

        1. If you have any questions about this privacy policy you may contact by email at

        2. If you have any concerns about our use of your information, you also have the right to make a complaint to the Information Commissioner’s Office, which regulates and supervises the use of personal data in the UK, via their helpline on 0303 123 1113.