Last updated: 19 August 2025
This Privacy Policy explains how Aga Healthcare Ltd] (“Agacare”, “we”, “us”, or “our”) collects, uses, shares and protects personal data when you use the Agacare mobile application and related services (together, the “App”). It also explains your privacy rights and how the law protects you.
If you do not agree with this Policy, please do not use the App.
Controller: [Aga Healthcare Ltd]
Registered address: Unit 20, Moorfield Works, Upper Villiers Street, Wolverhampton, WV2 4NP
Contact email: contact@agahealthcareltd.co.uk
Phone (optional): [+44 …]
Data Protection Officer (if applicable): [Name / contact email]
This Policy covers personal data processed through the App and any support channels we provide (for example, in-app chat or email support). If you visit our website or use third-party services linked from the App, their own privacy policies apply.
What data we collect
A. Account & Profile
Name, email address, phone number, password (hashed), profile photo, role (e.g., service user, carer, clinician).
B. Care & Health Information (special category data)
Care plans, assessments, observations (e.g., pain score, vitals), medications, allergies, symptoms, wound images, appointment notes, risk scores, outcomes, and other information you or your care team enter into the App.
C. Communications
Messages, notes, call times, and attachments exchanged within the App.
D. Device & Technical
Device model, operating system, app version, IP address, crash logs, diagnostics, and usage events.
E. Location
Approximate or precise location to support features such as visit verification, nearby services, or safeguarding.
F. Files, Photos, Camera, Microphone
Photos/videos/audio you choose to upload (e.g., wound images, voice notes), captured with your permission.
You provide it directly (e.g., creating an account, entering care information, messaging).
Automatically via the App (e.g., diagnostics, crash logs, basic analytics).
From others with your permission (e.g., members of your care team, family, or an organisation that invites you).
From third-party services you connect (e.g., [Google Sign-In], [Health data sources])—if enabled.
We process your data to:
Provide and maintain the App (create accounts, deliver features, store your entries).
Legal bases: performance of a contract; legitimate interests.
Deliver care and enable your care team (if the App is used to support care).
Legal bases: performance of a contract; for health data: explicit consent or health/care purposes under applicable law (see Section 6).
Communicate with you (support, service messages, updates).
Legal bases: performance of a contract; legitimate interests; consent where required.
Improve safety, performance and quality (analytics, diagnostics, auditing, preventing abuse).
Legal bases: legitimate interests; legal obligation.
Comply with law and enforce terms (regulatory requests, complaints handling).
Legal bases: legal obligation; legitimate interests.
If you use Agacare to store or share health information, we will process that data only when a lawful condition applies, for example:
Your explicit consent (e.g., you enter and share your health data in the App); and/or
Provision of health or social care by or under the responsibility of a health or social care professional/organisation, where applicable under data protection law.
You may withdraw consent at any time from within the App or by contacting us (see Section 13). Withdrawing consent won’t affect processing already carried out.
Agacare is not an emergency service. If you think you or someone else is at risk, call 999 or the relevant emergency number immediately.
We may share data with:
People you authorise (e.g., invited carers, clinicians, family) so they can view and update relevant information.
Service providers acting on our instructions (e.g., cloud hosting, analytics, crash reporting, customer support, push notifications, email).
Payment processors (if applicable).
Authorities or third parties where required by law or to protect rights, safety, or prevent fraud/abuse.
With your consent or at your direction.
We do not sell your personal data.
We keep personal data only for as long as necessary for the purposes set out in this Policy, including to meet legal, accounting, or reporting requirements.
Account data: kept while your account is active and for a reasonable period after closure to handle queries, disputes, and legal obligations.
Care/health records (if applicable): retained in line with your organisation’s clinical governance and applicable health-records retention requirements.
Diagnostics/analytics: retained for shorter periods necessary to maintain and improve the App.
You can request deletion (see Section 12). In some cases we may need to retain certain information (e.g., for legal obligations).
We use appropriate technical and organisational measures to protect your data, including encryption in transit and at rest (where supported by our cloud providers), access controls, and staff training. No system is 100% secure; we monitor and improve our safeguards regularly.
When prompted by your device, you can allow or deny permissions. Some features may not work without them.
Camera & Photos/Media: capture or upload care images (e.g., wounds).
Microphone: record voice notes or calls (if provided).
Location: verify visits or provide location-based features.
Contacts/Calendar: make it easier to schedule or share (if provided).
Notifications: receive alerts and reminders.
You can change permissions in your device settings.
Subject to legal limits, you can:
Access your data;
Request correction;
Request deletion;
Restrict or object to processing;
Request data portability;
Withdraw consent (where processing is based on consent).
To exercise your rights, contact us at : contact@agahealthcareltd.co.uk . We may need to verify your identity.
Complaints: You can also complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk or call 0303 123 1113.
Agacare is not intended for children under 13 without parental/guardian consent. If you believe a child has provided personal data without appropriate consent, please contact us and we will take appropriate steps.
If used, these services have their own privacy policies:
Google Play Services
Firebase (Analytics/Crashlytics/Cloud Messaging/Firestore/Storage)
[Any other SDKs you use: e.g., Stripe, Sentry, Map services]
We recommend reviewing their policies before use.
We may update this Policy from time to time. We will post the new version here and update the “Last updated” date. Significant changes may be notified in-app or by email.
Questions or requests about this Policy:
Email: : contact@agahealthcareltd.co.uk
Address: Unit 20, Moorfield Works, Upper Villiers Street, Wolverhampton, WV2 4NP