top of page

Website Privacy Policy

1. Introduction and who we are

 

This Privacy Notice sets out information about how we collect and use personal data which we receive through our website mobiliseonline.co.uk (the “Site”), through our services, and otherwise.

 

We” or “us” means Mobilise Care Ltd, a company registered in the United Kingdom under number 11194291 whose registered offices are at International House, 64 Nile Street, N1 7SR, London, United Kingdom, N1 7SR.
 
We are committed to protecting and respecting your privacy and ensuring that we handle any personal data relating to you in compliance with the General Data Protection Regulation as transposed into UK law (“GDPR”)  and all other data protection laws which apply to us.
 
For the purposes of GDPR, we are a “data controller” in relation to the personal data we handle, which means we determined the purposes and means of processing of that personal data.  We are registered with the Information Commissioner's Office under number ZB197029. Our Data Protection Officer is James Townsend. Any inquiries about our handling of your personal data should either be sent to us on email at data@mobiliseonline.co.uk or sent in a letter to International House, 64 Nile Street, N1 7SR, London, United Kingdom.
 
We’ve broken this Notice down to make it easier to navigate depending on your relationship with us.

  • here is information for carers who use our services (either through the Site or otherwise) (“Carers”);

  • here is information for individuals who might be the recipient of care provided by Carers (“Care Recipients”);

  • here is our information for anyone else who we might deal with (like suppliers, referrers, journalists, anyone who contacts us with general enquiries, or people just browsing the Site).

​GDPR requires data controllers like us to ensure that we only process personal data on one of a number of specific lawful bases, which are set out in Article 6 GDPR. In each of the sections providing you with specific information based on your relationship with us, we describe not only what we do with your personal data, but also the lawful basis on which we do it. We may process personal data on more than one basis depending on the specific purpose for which we are using it 
 

2. Information for carers

​In connection with your use of our Site and services (including in particular our Mobilise community services, our Mobilise Hub app or our carers’ assessment interviews), we may receive:

 

  • Account data: which you provide to us in setting up or using an account on the Site, in any of our online communities, or in engaging with us to provide online or offline services to you or in registering to receive marketing and informational correspondence from us. The account data may include your name, email address, phone number, postal address, gender, date of birth, username and password. If you use a third-party application like Facebook to log into your account then we may receive and process account data from the relevant third party. 

  • Correspondence data: this is information contained in or relating to any enquiry or communication that you send to us or that we send to you, or intended to help us communicate with you if needed. This may include the communication content and metadata associated with the communication. 

  • Message data: Some of our services may be provided through chatbots, online messaging services, text message or WhatsApp. We will receive and process the content of messages sent to and from us using those services.

  • Assessment data, which we receive when you complete a carer’s assessment. This may include a range of personal data – really, whatever you decide to tell us – about the nature and demands of the care you provide, and your needs for support.

  • Special categories of data, such as information relating to your physical or mental health, religion, racial or ethnic origin, or sexuality. It will usually be necessary for us to ask about your health in conducting carers’ assessments, but you might voluntarily choose to tell us other information about yourself which is protected as “special category data” under GDPR.

  • Profile data, which is information contained in your public web profile on the Site and/or in any communities we host, which might include your name, photo, gender, location, and anything else you choose to share. 

  • Usage data about your use of our Site and services which we obtain through analytics tools. This may include: your IP address; geographical location; browser type and version; device type, OS and display size; referral source; length of visit; page views and website navigation paths; as well as information about the timing, frequency and pattern of your service use.

 

We use this personal data for the following purposes:

Type of Data

Purpose/Activity

Account data, Profile data, Correspondence data, Message data

Operating our Site and community services, providing our services, verifying logins, and communicating with you.

 

Displaying your profile.

 

Corresponding with you.

 

Providing your contact details to your Local Authority so they can contact you.

Legal Basis for Processing

Performance of a contract with you (i.e. delivering our services) (Art. 6.1(b) GDPR). Legitimate interest (Art. 6.1(f)) in properly administering and promoting our business, services and communications. Legitimate interest in providing our services to your Local Authority and supporting them in fulfilling their own regulatory role.

Assessment data, Message data (where provided in the course of an assessment) 

Assessing your support needs and reporting them to your relevant Local Authority.

Performance of a task carried out in the public interest (Art. 6.1(d)). Legitimate interest in providing our services to your Local Authority and supporting them.

Special category data

Assessing your support needs and reporting them to your relevant Local Authority.

Performance of a task carried out in the public interest. Legitimate interest in providing our services to your Local Authority. Your consent (Article 6.1(a), Article 9.1(a)). Necessary for the provision of social care on the basis of UK law (Article 9.1(h)).

Any data

Safeguarding: on an exceptional basis, if we become aware of a significant safeguarding risk to the Carer or Care Recipient, we may notify a local authority or agency.

To protect vital interests (Article 6.1(d)), 9.1(c)). 

Usage data

Analyzing the use of, and improving, our Site and services, security monitoring and fraud detection.

Legitimate interest in delivering and improving our Site and services, informing marketing strategy.

3. Information for Care Recipients

 

If your Carer is a user of our Site, member of our Mobilise communities or undergoes a carer’s support assessment, we may receive information relating to you. We do not request this data, but your Carer may find it useful to share it with us (e.g. being aware of your particular needs may make it easier for us to provide your Carer with support or direct them to appropriate resources). We may receive:

 

  • Identity data: your Carer may incidentally provide us with information relating directly or indirectly to your identity: e.g. name, location, or other descriptors.

  • Assessment data: which we receive when your Carer completes a Carer’s assessment. This may include a range of personal data – really, whatever the Carer decides to tell us – about the nature and demands of the care they provide, and your needs for support.

  • Special categories of data, such as information relating to your physical or mental health, religion, racial or ethnic origin, or sexuality, which your Carer might divulge to us in the context of a carers’ assessment and which is protected as “special category data” under GDPR.

 

We use this personal data for the following purposes:

Type of Data

Purpose/Activity

Legal Basis for Processing

Identity data

Providing our services to your Carer and maintaining records of our correspondence with them and services provided to them. Providing information about your Carer to the relevant Local Authority.

Legitimate interest (Art. 6.1(f) GDPR) in properly administering our services and communications.  Legitimate interest in providing our services to your Local Authority and supporting them in fulfilling their own regulatory role.

Assessment data 

Assessing your Carer’s support needs and reporting them to your relevant Local Authority.

Performance of a task carried out in the public interest (Art. 6.1(d)). Legitimate interest in providing our services to and supporting your Local Authority.

Special category data

Assessing your Carer’s support needs and reporting them to your relevant Local Authority.

Performance of a task carried out in the public interest. Legitimate interest in providing our services to your Local Authority. Necessary for the provision of social care on the basis of UK law (Article 9.1(h)) or to protect vital interests ((Article 6.1(d)), 9.1(c)).

Any data

Safeguarding: on an exceptional basis, if we become aware of a significant safeguarding risk to your Carer or to you, we may notify a local authority or agency.

To protect vital interests (Article 6.1(d)), 9.1(c)). 

4. Information for everyone else

 

While our core business involves working with carers, we will also receive personal data from others connected with our business like our local authority clients, suppliers, commercial partners, journalists, or people who get in touch with us for any other reason. We may receive:

 

  • Correspondence data: this is information contained in or relating to any enquiry or communication that you send to us or that we send to you, or intended to help us communicate with you if needed. This may include the communication content and metadata associated with the communication, as well as any contact details you may provide to us such as your name, email address, phone number, job title, address or social media handle. 

  • Partner data: If we have some commercial relationship with you or with your employer (for example if you work at one of our local authority clients, or if we have a supply, purchase, sponsorship or referral relationship) then we may handle your contact details (name, job title, email address, postal address, telephone number), any related communications, and any related documents (such as contracts, POs and invoices, proposals and so on).

  • Usage data about your use of our Site, which we obtain through analytics tools. This may include: your IP address; geographical location; browser type and version; device type, OS and display size; referral source; length of visit; page views and website navigation paths; as well as information about the timing, frequency and pattern of your service use. 

 

We use this personal data for the following purposes:

Type of Data

Purpose/Activity

Correspondence data

Communicating with you, keeping records in relation to our business.

Partner data

Administering our commercial relationship with you.

Usage data

Analyzing the use of, and improving, our Site and services, security monitoring and fraud detection.

Legal Basis for Processing

Performance of a contract with you (if the correspondence relates to possible services you or we may provide) (Art. 6.1(b) GDPR). Legitimate interest (Art. 6.1(f) GDPR) in properly administering our business, services and communications.

Performance of a contract with you. Legitimate interest in properly administering our business, services and communications.

Legitimate interest in delivering and improving our Site and services, informing marketing strategy.

5. Other uses of your personal data

 

In addition to the uses described above for different categories of individuals, we may retain and use any personal data for any of the following purposes:

Purpose/Activity

Legal Basis for Processing

For the purposes of legal compliance (e.g. maintaining tax records).

Compliance with our legal obligations.

Bringing and defending legal claims.

Legitimate interest in conducting and defending legal claims to preserve our, and others’, rights. 

Record-keeping and hosting, back-up and restoration of our systems.

Legitimate interest in ensuring the resilience of our IT systems and the integrity and recoverability of our data.

Aggregation and insight creation – creating anonymous aggregate data derived from our users’ personal data for statistical, research or insight purposes. This may include “training” the AI used to provide certain of our services (such as our carers’ support assessments).

Legitimate interest in improving our services, reporting to Local Authorities and contributing to our own and third party research.

6. Data security

 

We have put in place appropriate security measures to protect your personal data. We also have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where required by law.

 

Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem.

7. Change of purpose

 

We will only use your personal data for the purposes for which we collected it, or purposes compatible with those purposes. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

8 Your data and third parties

8.1  Sharing your personal data with third parties

We may share your personal data with a range of third parties:

 

Local Authorities. We may disclose personal data relating to Carers and Care Recipients to the Local Authorities responsible for providing support and care to them, either as required to comply with law, for safeguarding purposes, or under contract with those Local Authorities. We may also disclose personal data to service providers (data processors) acting on behalf of and under instructions from those Local Authorities. Those Local Authorities will have their own privacy notices describing their and their service providers’ processing of personal data.

 

At your request: You may request that we refer you to a local authority or another service provider for further support or information.

 

Our advisors. We may disclose your personal data to our insurers and/or professional advisers to take professional advice and manage legal disputes.

 

Our service providers. We may disclose personal data to our service providers or subcontractors in connection with the uses we’ve described above. For example, we may disclose:

 

  • any personal data in our possession to suppliers which host the servers on which our data is stored, or to freelance staff whose duties involve handling the relevant personal data;

  • contact details to providers of email, email marketing or physical delivery/courier services;

  • payments data to our payment processing service providers (such as Stripe); and

  • usage data to providers of analytics services.

 

We do not allow our data processors to use your personal data for their own purposes. We only permit them to use your personal data for specified purposes, in accordance with our instructions and applicable law.

 

Compliance. We may also disclose your personal data where necessary to comply with law (in particular if we become aware of any criminal activity or serious safeguarding concerns).

 

Restructuring. If any part of our business is sold or transferred, or proposed to be sold or transferred, your personal data may be disclosed to the new owner or in connection with the relevant negotiations. Their Privacy Notice will govern their use and processing of your personal data.

 

8.2  Third-party links

The Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their use of your personal data: you should read any available privacy notices made available by those third parties on their websites.

9.  How long will we retain your personal data?

 

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. We may retain your personal data for a longer period than usual if required by law, or in the event of a complaint or in connection with any actual or prospective legal claim.

 

10. International transfers of personal data

 

Some of the third parties to whom we may transfer your personal data, discussed above, may be located outside the UK and the EEA or may transfer your personal data to their own service providers located outside the UK and the EEA. If so, then we will ensure that transfers by our appointed data processors will only be made lawfully (e.g. to countries in respect of which the European Commission has made an "adequacy decision”, or with appropriate safeguards such as the use of standard clauses approved by the European Commission). You may contact us if you would like further information about these safeguards.

 

11. Your rights and how you are protected by us

How to request your data and the process for obtaining it

You have rights under data protection law – they are complex, and subject to exemptions, and you can read guidance from the Information Commissioner’s Office at www.ico.gov.uk for a fuller explanation of your rights.

 

In summary, though:

  • the right to withdraw consent: where our processing is based on your consent (as described above) you have the right to withdraw that consent at any time by notifying us, in which case we will stop the relevant use;

  • the right to access: you have the right to confirmation as to whether or not we process your personal data and, where we do, to access to the personal data, together with certain additional information;

  • the right to rectification: you have the right to have any inaccurate or incomplete personal data about you rectified or completed;

  • the right to erasure: in some circumstances you have the right to the erasure of your personal data (for example, if the personal data are no longer needed for the purposes for which they were processed or if the processing is for direct marketing purposes);

  • the right to restrict processing: you have the right to restrict the processing of your personal data to limit its use. Where processing has been restricted, we may continue to store your personal data and will observe the restrictions on processing except to the extent permitted by law;

  • the right to object to processing: you have the right to object to our processing of your personal data on the basis of legitimate interests (discussed above) or for direct marketing purposes and if you do so we will stop processing your personal data except to the extent permitted by law; and

  • the right to complain to a supervisory authority: if you consider that our processing of your personal data is unlawful, you have a legal right to lodge a complaint with the ICO.

 

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, if your request is clearly unfounded, we could refuse to comply with your request. We may also need to request specific information from you to help us confirm your identity and ensure you have the right to access your personal data (or to exercise any of your other rights).

 

This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.


12. Notification of changes and acceptance of policy

 

We keep our Privacy Notice under review and will place any updates on this webpage and where practicable will notify users (especially Carers registered with us) of significant changes.

 

This version is dated 14 August 2025.

bottom of page