Last Updated: January 17, 2025
1. Overview
Careful Systems Limited (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This privacy notice explains how we collect and use personal data through our website https://careful.online (the “Website”).
Careful Systems Limited is registered in England and Wales (Company Number: 10176186). Our registered office is at Vestry House, Laurence Pountney Hill, London, EC4R 0EH. We are registered with the Information Commissioner’s Office (registration number: ZA249706).
Our Data Protection Officer is Dr Shane McKeown, who can be contacted at shane.mckeown@careful.online.
2. The Data We Collect
2.1 Website Usage Data
When you visit our Website, we automatically collect:
- Technical data including IP address, browser type and version
- Usage data including pages visited and time spent on pages
- Geographic location data (country/region level only)
2.2 Contact and Inquiry Data
When you request a demo or contact us, we collect:
- Name and email address
- Company name and job title (if provided)
- Any information you choose to share in your message
- Calendar preferences (when scheduling through Calendly)
3. How We Use Your Data
3.1 Lawful Bases for Processing
We only process your personal data when we have a legal basis to do so:
- Legitimate Interests: Website analytics, security monitoring, business development
- Consent: Marketing communications, cookie usage (except strictly necessary)
- Contract: Scheduling and providing demos when requested
3.2 Specific Uses
We use your data to:
- Provide and maintain our Website
- Respond to your inquiries
- Schedule and manage demo requests
- Send marketing communications (with consent)
- Analyze Website usage to improve our service
- Ensure Website security
4. Data Sharing
4.1 Third-Party Service Providers
We share data with:
- Calendly (demo scheduling)
- Google Analytics (website analytics)
- Website hosting providers
- Email service providers
These providers act as our data processors and are bound by data processing agreements.
4.2 Other Disclosures
We may disclose your information if:
- Required by law
- Necessary to protect our rights or safety
- Part of a business reorganization or sale
- You have given consent
5. International Transfers
Some of our third-party service providers operate outside the UK/EEA. When we transfer your data internationally, we ensure appropriate safeguards are in place through:
- UK International Data Transfer Agreement (IDTA)
- UK Addendum to the EU Standard Contractual Clauses
- Adequacy decisions where applicable
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption of data in transit and at rest
- Regular security assessments
- Access controls and authentication
- Staff training on data protection
7. Your Rights
Under UK GDPR, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request erasure of your data
- Object to processing
- Restrict processing
- Data portability
- Withdraw consent
To exercise these rights, contact our Data Protection Officer at shane.mckeown@careful.online. We will respond within one calendar month, which may be extended by two further months for complex requests.
8. Data Retention
We retain your personal data for:
- Website analytics data: 14 months (Google Analytics default)
- Marketing preferences: Until you withdraw consent
- Demo request information: 36 months after last interaction
- Contact form submissions: 36 months after last interaction
- Security logs: 12 months
After these periods, data is securely deleted unless we are required by law to retain it longer.
9. Cookie Policy
We use cookies to enhance your browsing experience:
- Strictly Necessary: Required for Website functionality
- Analytics: To understand Website usage (requires consent)
- Functionality: To remember your preferences (requires consent)
Cookie consent preferences are stored for 6 months, after which renewed consent will be requested.
10. Marketing Communications
We will only send marketing communications if you have:
- Explicitly consented; or
- Previously purchased services from us (you can opt out)
Every marketing email contains an unsubscribe link. After unsubscribing, you will be removed from marketing lists within 28 days as per UK regulations.
11. Children’s Privacy
Our Website is not intended for children under 18 (in line with UK data protection standards). We do not knowingly collect data from children.
12. Changes to This Notice
We review this notice at least annually. Any significant changes will be notified to you via email or prominent notice on our Website at least 30 days before the changes take effect.
13. Contact Us
For privacy-related queries:
- Data Protection Officer: Dr Shane McKeown
- Email: shane.mckeown@careful.online
- Post: Careful Systems Limited, Vestry House, Laurence Pountney Hill, London, EC4R 0EH
You have the right to complain to the Information Commissioner’s Office (www.ico.org.uk) if you believe we have not handled your data properly. The ICO recommends that you first raise your concern with us to allow us the opportunity to resolve the issue.
14. Separate Platform Privacy Notice
Please note: If you are a user of the CAREFUL platform, a separate privacy notice applies to your use of the platform and its features. This notice is available within the platform or upon request from our Data Protection Officer.
Document Control:
Owner: Dr Shane McKeown, DPO
Version: 2.0
Last Reviewed: January 17, 2025
Next Review Due: January 17, 2026