Privacy Policy

Effective date: 10 July 2026

PillPoint is an electronic Medication Administration Record (eMAR) used by care providers to record and manage medication safely. This policy explains what personal data the service handles and how it is protected.

1. Who is responsible for your data

The data controller is the care organisation that licenses and operates PillPoint for its service — that organisation decides what data is recorded and why. PillPoint, the software provider, acts as a data processoron the care organisation's behalf and only processes data on its documented instructions.

If you are a resident, relative or member of staff, direct data requests to the care organisation you are associated with in the first instance. You can also contact PillPoint about how the software handles data at oluwatobiolatunji43@gmail.com.

2. What data we process

  • Staff account data — name, work email, role, assigned unit(s), and a securely hashed PIN used to sign in.
  • Service user (resident) data — name, date of birth, gender, NHS / care ID, room/bed, weight, GP and pharmacy, next of kin and social worker contacts, and a photo where provided.
  • Health data (special category) — allergies, medical conditions, prescribed medications, and the record of each dose given, refused or missed, including who administered it and any witness.
  • Operational logs — a security and compliance audit trail of key actions (sign-ins, administrations, stock and record changes).

3. Why we process it, and our lawful basis

Data is processed solely to provide safe medication management and to meet the care provider's legal and regulatory duties (e.g. CQC). Under UK GDPR the lawful bases are legitimate interests / legal obligation (Article 6) and, for health data, the provision of health and social care (Article 9(2)(h)). We do not use the data for advertising or sell it to anyone.

4. Who we share it with

We share data only with the service providers needed to run the app:

  • Hosting & database — our cloud hosting provider stores the data securely on our behalf.
  • Payments — if a paid subscription is taken, card processing is handled by Stripe; card details never reach our servers.

We do not transfer resident data outside the UK/EEA without appropriate safeguards.

5. How long we keep it

Records are retained for as long as the care provider requires them to meet care and regulatory record-keeping obligations, and are deleted or anonymised after that period in line with the provider's retention policy.

6. How we protect it

Access is PIN-protected and role-based, sessions are encrypted in transit (HTTPS) and time-limited, PINs are stored only as secure hashes, repeated failed sign-ins are rate limited, and every significant action is recorded in an audit trail.

7. Your rights

Individuals have the right to access, correct, erase, restrict or object to the processing of their data, and to data portability. To exercise any right, contact the care provider named in section 1. You also have the right to complain to the UK Information Commissioner's Office (ico.org.uk).

8. Cookies

PillPoint uses a single essential cookie to keep you signed in and a small preference cookie for your light/dark theme. No advertising or third-party tracking cookies are used.

9. Changes to this policy

We may update this policy from time to time; the effective date above will change accordingly.

10. Contact

Questions about how PillPoint (the software) handles data can be sent to oluwatobiolatunji43@gmail.com. For requests about a specific resident or staff member's records, contact the care organisation that operates PillPoint for that service, as the data controller.

© 2026 PillPoint eMAR