Privacy Policy

1. Who we are

Atara Care (“we”, “us”, “our”) provides cloud-based care management software for UK care homes. We are the data controller for personal data collected through this website. For data processed within the platform on behalf of care providers, we act as a data processor.

2. What data we collect

• Website visitors: name, email, phone number, and care home details when you submit a form.
• Platform users: account credentials, role, and activity logs required for audit and governance.
• Cookies: functional and analytics cookies as described in our Cookie Policy.

3. How we use your data

We process personal data to provide and improve our services, respond to enquiries, fulfil contractual obligations with care providers, and comply with legal requirements. Our lawful bases include consent, contractual necessity, and legitimate interest.

4. Data storage & security

All data is hosted within the United Kingdom on ISO 27001-certified infrastructure. Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Access is controlled through role-based permissions and all actions are logged in an immutable audit trail. See our Security & DSPT page for more detail.

5. Your rights

Under the UK GDPR and Data Protection Act 2018 you have the right to access, rectify, erase, restrict processing of, and port your data, and to object to processing. To exercise any right, email info@ataracare.com.

6. Data retention

We retain personal data only as long as necessary for the purposes set out above, or as required by law. Platform audit logs are retained in line with CQC record-keeping guidance.

7. Contact

If you have questions about this policy or wish to make a complaint, contact us at info@ataracare.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).