Privacy Policy
Last Updated: February 3, 2026
1. Introduction
FosterFlow ("we", "us", or "our") is committed to protecting the privacy and security of the personal data we process. This Privacy Policy explains how we collect, use, and protect information within the FosterFlow platform, specifically designed for foster carers and fostering agencies in the United Kingdom.
2. Data We Collect
We process the following categories of data:
- User Identity Data: Name, email address, password, and professional role (Carer, Agency, or Admin).
- Sensitive Fostering Data: Voice recordings, transcripts, and daily observations of children in care.
- Child Profiles: Names, dates of birth, and placement dates (processed on behalf of the carer/agency).
- Usage Data: Audit logs of system interactions, IP addresses, and device information for security monitoring.
3. How We Use AI
FosterFlow uses Google Gemini AI to transcribe audio and generate structured reports. This processing is stateless: your data is sent to the AI model for transformation and returned. We do not use your fostering logs or personal data to train public AI models.
4. Data Sharing and Location
Your data is stored in secure PostgreSQL databases located in the UK/EU regions. We do not sell your personal data to third parties. Data is only shared with:
- Your designated Fostering Agency (if you have explicitly joined an agency account).
- Statutory authorities (if required by Law or for safeguarding purposes).
- Secure sub-processors (e.g., Stripe for payments, Google for AI processing).
5. Your Rights (UK GDPR)
Under UK GDPR, you have the right to access, rectify, or erase your personal data. You also have the right to data portability. To exercise these rights, please contact our support team.
For any privacy-related inquiries, please contact:
privacy@fosterflow.uk