Privacy Policy
Effective Date: 17th September 2025
1. Introduction
At Careo.ai, we respect privacy and are committed to protecting personal data processed through our platform. This Privacy Policy explains what information we process, how we safeguard it, and the responsibilities of our clients.
Careo.ai is recruitment software tailored for the healthcare sector, operated by Healsgood Ltd. We provide software-as-a-service (SaaS) to recruitment businesses.
Important: Careo.ai does not collect or decide how candidate data is used. Recruitment businesses using our platform are the data controllers. Careo.ai acts as a data processor and processes personal data only on client instructions.
2. Who We Are
Careo.ai is a service operated by Healsgood Ltd (“we”, “our”, “us”).
- Data Controller: Recruitment businesses (our clients).
- Data Processor: Careo.ai, acting on behalf of the client.
For questions about how candidate data is used, candidates should contact the recruitment business directly.
3. Information Processed Through Careo.ai
The data our clients may upload or process through Careo.ai includes:
- Candidate details: name, contact information, work history.
- Compliance documents: right to work, licences, certifications, vaccination records (if required).
- Identity documents: passport, driving licence, proof of address.
- Professional references.
- Availability and role preferences.
-
Careo.ai does not collect this data directly. All data is provided and controlled by our clients.
4. How Careo.ai Uses Data
As a data processor, we use data only to:
- Provide the recruitment software service.
- Store and manage data securely on behalf of clients.
- Support clients in managing recruitment workflows.
- Maintain, improve and secure our systems.
- Comply with legal and contractual obligations.
We do not sell, trade or use candidate data for our own purposes.
5. Legal Basis for Processing
Because Careo.ai acts as a data processor, the legal basis for processing personal data is determined by our clients (the data controllers).
We rely on:
- Contracts with clients to deliver our software service.
- Legal obligations to maintain security and compliance.
6. Sharing of Data
Careo.ai may share data only as required to:
- Provide IT hosting and infrastructure services.
- Conduct technical support and security monitoring.
- Meet legal or regulatory requirements.
We do not share candidate data with other recruitment agencies, employers or third parties except under client instructions or legal obligation.
7. International Data Transfers
If data is transferred outside the UK, we ensure appropriate safeguards are in place (for example, UK GDPR-approved standard contractual clauses).
8. Data Retention
Careo.ai retains data only for as long as instructed by the client.
When a client’s contract ends or data is no longer needed, we delete or return it securely in line with the client’s instructions.
9. Security
We use appropriate technical and organisational measures to protect data, including:
- Encryption of data in transit and at rest.
- Access controls and monitoring.
- Secure hosting infrastructure.
- Regular audits and compliance reviews.
10. Candidate Rights
As Careo.ai is a processor, we do not handle rights requests directly.
Candidates wishing to exercise their data protection rights (such as access, correction, deletion, or portability) must contact the recruitment business that holds their data.
11. Children's Data
Careo.ai is not intended for use by individuals under 18 years old, and clients must not upload data relating to children.
12. Changes to the Policy
We may update this policy from time to time. Updates will be posted on our website with a revised “Last Updated” date.
13. Contact Us
For questions about this policy or how data is processed, please contact:
Email: privacy@healsgood.com