Nookly
Nookly
Smart & Safe
Privacy Terms GDPR Cookies
← Back to Nookly

GDPR Statement

Our commitment to data protection under UK GDPR and the Data Protection Act 2018

Last updated: June 2025

1
Our commitment to GDPR

Nookly Ltd is fully committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). We understand the sensitive nature of care data and treat data protection as a fundamental responsibility — not a legal formality.

We are registered with the Information Commissioner's Office (ICO) and take all reasonable steps to ensure your data is handled lawfully, fairly, and transparently.

Nookly processes personal data about care recipients, which is classified as special category data under UK GDPR. We apply the highest standards of care to this information.

2
Roles under GDPR

Nookly as Data Controller

Nookly Ltd is the data controller for:

Nookly as Data Processor

When care providers use the Nookly platform to record information about residents and service users, Nookly acts as a data processor on behalf of the care provider (who is the data controller). We process this data strictly according to the care provider's instructions and our Data Processing Agreement (DPA).

Care providers are responsible for ensuring they have appropriate legal bases to process the personal and special category data of the people in their care.

3
Lawful bases for processing

We process personal data under the following lawful bases:

For special category data (health information in care records), we rely on:

4
Your rights under UK GDPR

As a data subject, you have the following rights. To exercise any of these rights, contact us at nooklycare@gmail.com. We will respond within 30 days.

Right of Access

Request a copy of the personal data we hold about you (Subject Access Request)

Right to Rectification

Ask us to correct inaccurate or incomplete personal data

Right to Erasure

Request deletion of your data where there is no compelling reason to continue processing

Right to Restrict

Ask us to limit how we use your data in certain circumstances

Right to Portability

Receive your data in a structured, machine-readable format

Right to Object

Object to processing based on legitimate interests or for direct marketing

You also have the right to withdraw consent at any time where processing is based on consent, and the right to lodge a complaint with the ICO at ico.org.uk or by calling 0303 123 1113.

5
International data transfers

We store and process all personal data within the United Kingdom. Where we use third-party service providers located outside the UK, we ensure appropriate safeguards are in place (such as UK adequacy regulations or standard contractual clauses) before any transfer occurs.

6
Data security measures

We implement technical and organisational measures to protect personal data including:

7
Data breach procedures

In the event of a personal data breach that is likely to result in a risk to individuals' rights and freedoms, we will:

To report a suspected data breach, contact us immediately at nooklycare@gmail.com

8
Data Processing Agreements

As required by UK GDPR Article 28, Nookly enters into Data Processing Agreements (DPAs) with all care provider organisations that use our platform. The DPA sets out:

To request a copy of our standard Data Processing Agreement, contact nooklycare@gmail.com

Nookly
Nookly
Smart & Safe · UK Care Platform
Main website Privacy Terms GDPR Cookies Contact

© 2025 Nookly Ltd. Registered in England and Wales. All rights reserved.

Designed & built by MET AI Solutions