Privacy Policy

Last updated: April 15, 2026

1. Who We Are

Entity: Tarquin Barnsby trading as AgencySoftware.io

ICO Registration: ZC136598 (Information Commissioner's Office)

Address: Little Waterham Farm, Highstreet R, Faversham, Kent, ME13 9EJ

Role: FosterFlow acts as the Data Controller for independent Carers. For users managed by a Fostering Agency, FosterFlow acts as a Data Processor on behalf of that Agency (the Controller).

Contact: support@mg.fosterflow.uk

2. Special Category Data

Under the UK General Data Protection Regulation (UK GDPR) Article 9, FosterFlow explicitly processes Special Category Data, specifically relating to the health, welfare, and social care of children in the fostering system. We treat all logged data with the absolute highest security constraints.

3. Lawful Basis for Processing

We process your data under the following UK GDPR bases:

  • Contract (Art. 6): To provide the software service you subscribed to.
  • Explicit Consent (Art. 9): For independent carers logging Special Category Data.
  • Substantial Public Interest / Statutory Duty (Art. 9): For Fostering Agencies fulfilling their Ofsted statutory recording obligations.

4. "Zero-Access" Support Protocol

FosterFlow administrators operate under a strict Zero-Access Protocol. We will NEVER access, read, or audit your encrypted or specialized care records unless you provide explicit, written consent via an active support ticket (e.g., to debug a specific missing log). You retain absolute sovereignty over your unshared data.

5. Artificial Intelligence Processing Guarantee

FosterFlow uses AI to transcribe and generate draft reports. We guarantee that ZERO Special Category Data processed by our platform is used by our AI providers (e.g., Google Gemini) to train, fine-tune, or improve their base foundational models. We use strict Enterprise-tier API agreements that enforce zero-data-retention for training purposes.

6. Sub-Processors & International Data Transfers

To provide our services, we use carefully vetted sub-processors. Whenever data is transferred outside the UK/EEA (such as to the United States), it is structurally protected by Standard Contractual Clauses (SCCs) or the UK Extension to the EU-US Data Privacy Framework.

  • Clerk: Authentication and Identity Management
  • Supabase: Primary Database Hosting
  • Cloudflare (R2): Encrypted Audio / Object Storage
  • Google Gemini: Zero-Retention AI Draft Processing
  • Stripe: Payment Processing
  • Mailgun: Transactional Email Delivery

7. Law Enforcement & Safeguarding Subpoenas

FosterFlow respects the absolute privacy of your records. We will only release a standalone Carer's data under a formal statutory warrant, court order, or subpoena issued by law enforcement, the Local Authority Designated Officer (LADO), or Ofsted. We will NOT release data based on informal agency requests or civil disputes without the Carer's explicit consent.

8. Data Retention, Purging, and compliant archives (91-Day Lifecycle)

We retain your data for as long as your account is active. If your subscription is cancelled or billing details expire, the following compliance process applies:

  • 30-Day Grace Period: Editing is disabled, but read-only exports remain active for offline backups.
  • Day 91 Cascading Hard-Purge: Unless transitioned to the Archive Tier or locked under a Safeguarding Freeze, all carer logs, incidents, reports, child DOBs, and records are permanently destroyed from our active database servers on Day 91.
  • Archive Tier: Fostering agencies can transition to a reduced-cost Archive/Compliance Tier to preserve read-only historic records for Ofsted compliance (such as the statutory 75-year DOB retention and 15-year carer retention requirements).
  • Safeguarding & LADO Investigation Freezes: In the event of an active safeguarding concern or Local Authority Designated Officer (LADO) investigation, agency administrators can apply a Safeguarding Active Freeze, which immediately locks records in place and overrides the automated Day 91 retention purge.
  • Ofsted-Compliant Daily Log Locking: To meet the strict regulatory guidelines of Ofsted National Minimum Standards, daily logs are automatically frozen and cryptographically signed (SHA-256) within 24 hours of creation, preventing retroactive editing.

Agency Override Rule:

If your FosterFlow account is managed or paid for by a Fostering Agency, they are the Data Controller. Because Agencies have a statutory duty to retain records (often for 75 years), you cannot unilaterally delete your account or records from the platform. You must contact your Agency directly to manage your data rights.

9. Your Rights (UK GDPR)

You have the right to:

  • Access & Portability: You can download all your data instantly using the 1-Click DSAR Vault in your Settings.
  • Rectification: Correct inaccurate data via the app. For logs older than 24 hours (which are cryptographically sealed), you must append a formal Amendment.
  • Erasure: Request deletion (subject to the Agency Override Rule).
  • Complaint: Lodge a complaint with the ICO (ico.org.uk).

10. Contact Us

For any privacy questions or to exercise your rights, email support@mg.fosterflow.uk.