Privacy policy
What personal information we collect, why, and your rights.
Who controls your data
Chronix Health Group Ltd (Companies House number 16663224) is the data controller for the Chronix Health Library. This means we decide how and why your personal information is used.
Chronix Health Group Ltd is registered with the Information Commissioner's Office (ICO), registration reference ZB962513.
What we collect
- Account information from your Chronix Health sign-in: your name and email address.
- Your course activity: which courses you start, your progress, and the certificates you earn.
- Payment information: when you buy a course, Stripe handles the payment. We never see or store your card details.
- Sign-in and security activity: a record of your sign-ins and security events, including the approximate device and IP address, kept to protect your account. You can see this yourself under Account → Security, and it's included if you download your data.
Why we use it, and our lawful basis
We use your information to give you the courses and track your progress, to issue your certificates, to take payments, and to keep the Library secure. Under the UK GDPR, our lawful bases are:
- Performance of a contract — to deliver the course you signed up for.
- Legitimate interests — to keep the service secure and understand how it is used.
- Consent — for any marketing. We only send marketing if you choose to opt in.
Who we share it with
We use trusted companies to run the Library. They only process your data to provide their service to us, under contract:
- Supabase — secure database storage.
- Stripe — payments.
- Vercel — website hosting.
We do not sell your personal information.
How long we keep it
We keep your account and course records while your account is active. We keep records we need for tax and legal reasons for as long as the law requires (usually up to 6 years). After that, we delete or anonymise your information.
Your rights
Under the UK GDPR you have the right to:
- see the information we hold about you (access);
- have it corrected if it is wrong (rectification);
- ask us to delete it (erasure);
- get a copy to move elsewhere (portability);
- complain to the ICO if you are unhappy with how we handle your data.
To use any of these rights, email support@careworld.app.
Cookies
We use a small number of necessary cookies. The main one is the sign-in (SSO) cookie that keeps you logged in across Care Vault, Care World and the Library. Stripe and our hosting may set cookies that are needed to take payments and make pages work. We do not use advertising or tracking cookies.
How to contact us
For any privacy question, or to reach the data controller, email support@careworld.app. If we change this policy, we will update this page.
See also our Terms of service and Refund policy.
Change your cookie choice at any time: