Privacy Policy
Last updated: 29 June 2026
1. Introduction
Who we are
FHcare Tech Platform Limited (“FHcare”, “we”, “our”, or “us”) is a company registered in Ireland. We provide a software-as-a-service platform for healthcare and social care recruitment agencies.
Scope
This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use our platform, visit our website, or interact with us. It applies to all users of the FHcare platform, including agency administrators, recruiters, and candidates.
If you are a candidate whose data is processed through a client agency's instance of FHcare, the agency is the data controller for your personal data. Please refer to that agency's own privacy policy for information about their data practices.
2. Information We Collect
Information you provide
When you create an account, use the platform, or contact us, we may collect:
- Name, email address, phone number, and job title
- Company or agency name and address
- Login credentials (password stored as a bcrypt hash — never in plain text)
- Content you upload (compliance documents, profile photos, certificates)
- Communications you send to our support team
For candidates using the platform through a client agency, additional data may include: professional registration numbers, right-to-work documents, DBS check information, training certificates, and availability and shift preferences.
Automatically collected data
When you use the platform or visit our website, we automatically collect:
- IP address and approximate geographic location
- Device type, browser, and operating system
- Pages visited and features used (usage analytics)
- Log data including access times and error reports
- Cookie identifiers (see Section 8)
Third-party sources
We may receive information from third parties, including identity verification services, background check providers (where permitted by law and instructed by the client agency), and authentication providers used for single sign-on.
3. How We Use Your Information
We use personal data to:
- Provide and operate the Services — process recruitment applications, manage compliance workflows, enable shift booking, and deliver platform features
- Account management — create and maintain user accounts, authenticate logins, and send account-related notifications
- Customer support — respond to support requests and resolve technical issues
- Security and fraud prevention — monitor for suspicious activity and protect the platform and its users
- Analytics and improvement — understand how the platform is used and improve features over time
- Legal compliance — comply with applicable laws and respond to lawful requests from authorities
- Marketing communications — where you have given consent, send product updates, case studies, and platform news (you may opt out at any time)
4. Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR) and UK GDPR, we process personal data on the following legal bases:
Consent
Where you have given us explicit consent — for example, to receive marketing communications or to place non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
Contract
Where processing is necessary to perform a contract with you or to take pre-contractual steps at your request — for example, to provide access to the platform under your subscription.
Legitimate interest
Where processing is necessary for our legitimate interests, provided those interests are not overridden by your rights — for example, platform security monitoring, analytics to improve the Services, and fraud prevention.
Legal obligation
Where processing is required to comply with a legal obligation — for example, retaining financial records or responding to a lawful request from a supervisory authority.
6. Data Retention
We retain personal data for as long as your account is active or as needed to provide the Services. When you close your account or your subscription ends, we retain your data for 90 days before deleting it, to allow for account recovery and to comply with legal obligations.
Compliance documents and candidate records processed on behalf of client agencies are retained in accordance with the client agency's instructions and applicable employment and healthcare regulation (typically 7 years after the end of the employment relationship).
You may request deletion of your personal data at any time (subject to our legal retention obligations) by contacting us at privacy@fhcaretech.com.
7. Your Rights
GDPR / UK GDPR rights
If you are located in the EEA or the UK, you have the following rights:
- Right of access: Request a copy of the personal data we hold about you
- Right to rectification: Request correction of inaccurate or incomplete data
- Right to erasure: Request deletion of your personal data where there is no legitimate reason to continue processing it
- Right to restriction: Request restriction of processing in certain circumstances
- Right to portability: Receive your data in a structured, commonly used, machine-readable format
- Right to object: Object to processing based on legitimate interests or for direct marketing purposes
- Right to withdraw consent: Where processing is based on consent, withdraw it at any time
To exercise any of these rights, please contact us via our contact page or by email at privacy@fhcaretech.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.
CCPA rights (California)
If you are a California resident, you have the right to know what personal information we collect, to delete your personal information, to opt out of the sale of your personal information (we do not sell personal information), and to non-discrimination for exercising your rights. To submit a request, please contact us at privacy@fhcaretech.com.
9. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include:
- Encryption in transit (TLS 1.2+) and encryption at rest for sensitive data
- Per-brand data isolation with separate database clusters
- Role-based access controls limiting data access to authorised personnel only
- Regular automated backups stored in encrypted AWS S3 buckets
- Monitoring and alerting for suspicious activity
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, and affected individuals without undue delay where the breach is likely to result in high risk.
10. International Data Transfers
Our infrastructure is hosted on AWS in the EU (eu-west-1, Ireland) and the UK (eu-west-2, London). We do not routinely transfer personal data outside the EEA or UK.
Where sub-processors (such as analytics or email providers) are located outside the EEA or UK, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission or the UK Information Commissioner's Office, or other lawful transfer mechanisms.
11. Children's Privacy
The FHcare platform is intended for professional use by adults aged 18 and over. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child without appropriate parental consent, we will delete that data promptly. If you believe we may have collected data from a child, please contact us at privacy@fhcaretech.com.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or business operations. We will notify you of material changes by email or by posting a notice within the platform at least 30 days before the changes take effect. The updated policy will be dated at the top. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.
13. Contact Us
Data controller details
FHcare Tech Platform Limited is the data controller for personal data processed through our website and platform (except where a client agency is the controller for candidate data as described in Section 1).
- Company: FHcare Tech Platform Limited
- Registered address: Dublin, Ireland
- Email: privacy@fhcaretech.com
DPO contact
If you have questions about how we handle your personal data or wish to exercise your data subject rights, you may contact our Data Protection Officer directly at dpo@fhcaretech.com. You also have the right to lodge a complaint with the Data Protection Commission (Ireland) at www.dataprotection.ie or the ICO (UK) at ico.org.uk.