Privacy Policy
Information about how we handle and protect personal data in Caire
Last updated: 2026-07-07
1. Introduction
Caire ("we", "us" or "our") provides a platform for planning, scheduling, employee mobile app workflows, visit registration and documentation in home care and care services. This privacy policy describes how personal data is processed when you use Caire's website, dashboard, mobile app and related services.
2. Data controller and roles
Caire (EirTech AB) is the data controller for personal data that we collect for our own purposes, such as contact requests, website data, beta interest and customer relationships. When Caire is used by a home-care or care organisation, that organisation is normally the data controller for employee, client, schedule, visit and care documentation data. Caire then processes the data as a data processor under agreement and documented instructions.
3. Processing of personal data
We process personal data in accordance with:
- The General Data Protection Regulation (GDPR)
- The Swedish Social Services Act and other applicable care legislation
- Applicable confidentiality rules for social services and care
- Data processing agreements and documented instructions from our customers
When Caire acts as a data processor, we process personal data only to provide, secure and support the service according to the customer's instructions.
4. Collected and processed data
Depending on how your organisation uses Caire, the following categories of personal data may be processed. Some data comes from the organisation's dashboard and is shown in the app; other data is created when you use the app.
- Contact and account information, such as name, email address, phone number, role and organisation.
- Sign-in and user identifiers, such as Clerk user ID, session information and permissions.
- Device data needed for app functionality, such as push token, device identifier and operating system.
- Schedule and visit data, such as shifts, routes, client visits, address, planned tasks and time records.
- Client and care information provided by your organisation in Caire, including information that may be confidential or classified as sensitive personal data.
- Visit documentation such as notes, deviations and other free text entered by employees.
- Location data, including precise location, when the app is used for check-in, check-out or other visit verification.
- Photos that the user actively attaches to visit documentation.
- Audio from voice notes that the user actively records for transcription to text.
- NFC/chip data when the organisation uses NFC for visit verification, such as confirmation that a tag or chip was read at the correct location.
5. The mobile app
The Caire app is intended for employees of organisations that use Caire. The app requires an account from the employer or organisation.
- The app uses Clerk for sign-in. The sign-in session is stored in protected storage on the device.
- Schedules, client visits and queued registrations may be stored locally in the app so the employee can keep working during temporary connectivity issues.
- Location data is used only when the app needs to verify a visit or registration. Caire does not use the app for continuous employee tracking.
- Photos, voice notes and free text are created only when the user actively chooses that documentation method.
- Voice notes may be sent to a speech-to-text service for transcription and then saved as a text note in the organisation's system.
- Push notifications are used for app functionality such as schedule changes, messages and relevant workflows.
- If biometric app lock is used, the check happens locally through iOS or Android. Caire does not access biometric data.
- If NFC is used, the app reads tag or chip information to verify the visit. App sign-in still uses the personal work account.
6. Purposes of processing
Personal data is processed to:
- Provide the Caire dashboard, mobile app and related services.
- Authenticate users, manage permissions and protect accounts.
- Show schedules, routes, client visits and work tasks to employees.
- Register check-in, check-out, time spent and visit verification.
- Enable care documentation according to the organisation's instructions.
- Send necessary push notifications and messages related to work.
- Troubleshoot, provide support, prevent misuse and ensure operation and security.
- Improve and develop the service in a way that is consistent with agreements and data protection rules.
7. Storage and security
Caire uses technical and organisational security measures to protect personal data against unauthorised access, loss and manipulation. Data is not stored longer than necessary for the purposes, or as required by customer instructions, agreements and applicable law.
- Data is transferred using encryption between the app, dashboard and Caire services.
- Customer and operational data is stored within the EU/EEA when Caire is responsible for the operating environment.
- Local app copies are used for offline functionality and are cleared from the app at sign-out.
- On iOS, the device's own backup may contain app data until the backup is refreshed. On Android, the app's local database is intended to be excluded from backup.
- Care documentation is retained according to the documentation and retention rules of the controller organisation.
8. Sub-processors and suppliers
Caire uses suppliers that help us operate, secure and deliver the service. These suppliers may process personal data only for the purposes required by the service.
- Clerk for sign-in, user management and authentication.
- Cloud and operations providers for hosting, databases, storage and secure operation.
- Apple Push Notification service, Firebase Cloud Messaging and Expo for push notifications.
- Speech-to-text provider for transcription when voice notes are used.
- Support, security and operations tools needed to monitor and maintain the service.
9. No advertising or tracking
Caire does not sell personal data and does not use the mobile app for advertising, ad measurement or tracking across apps and websites. The app uses personal data for app functionality, security, support and service operation.
10. Your rights
As a data subject, you have rights under GDPR. Which party you should contact depends on the processing your question concerns.
- You can request access to your personal data.
- You can request correction of inaccurate data.
- In some cases, you can request erasure or restriction of processing.
- You can object to certain processing where the rules provide that right.
- In some cases, you can request data portability.
- If the data is processed by your employer or care organisation in Caire, requests should normally be directed to that organisation.
- You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).
11. Contact
For questions about Caire's processing of personal data or this policy, contact us. For questions about care, client or employer data handled in the app, contact your employer or the care organisation that is the data controller first.
Email: info@caire.se
Phone: 0734-177 166
Address: Tändkulevägen 33, 13151 Nacka