Privacy Policy

How we protect and manage your personal data

1. Introduction

Kashyap Consultancy is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services and digital platforms, including FindYourSupport.com, Carely.care, Suppora.ai, and TalentFlowSolutions.com.

We are certified under Cyber Essentials and Cyber Essentials Plus standards, ensuring the highest levels of data security and protection.

2. Data Controller Information

Kashyap Consultancy
Global Headquarters: Mumbai, India
UK Operations: United Kingdom
Data Protection Officer: privacy@kashyapconsultancy.com

3. Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent: When you provide explicit consent for specific processing activities
  • Contract: To fulfill our contractual obligations and provide services
  • Legal Obligation: To comply with Care Act 2014 and other regulatory requirements
  • Legitimate Interest: For business operations, security, and service improvement

4. Information We Collect

4.1 Personal Information

  • Name, contact details, and identification information
  • Professional qualifications and employment history
  • Care needs assessments and support requirements
  • Payment and billing information

4.2 Technical Information

  • IP addresses, browser type, and device information
  • Usage data and platform interaction analytics
  • Cookies and similar tracking technologies

4.3 Special Category Data

With explicit consent, we may process:

  • Health and care-related information
  • Information about disabilities or support needs
  • Data necessary for safeguarding purposes

5. How We Use Your Information

  • Provide consultancy services using our REACT methodology
  • Facilitate care matching and service delivery
  • Process recruitment and talent management
  • Improve our AI-powered analytics and platforms
  • Ensure compliance with regulatory requirements
  • Communicate about services and updates
  • Maintain security and prevent fraud

6. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: AWS, Google Cloud Platform, Microsoft Azure for secure hosting
  • Partners: Authorized partners for service delivery
  • Regulatory Bodies: When required by law or regulation
  • Care Providers: For legitimate care coordination purposes

We never sell personal data to third parties.

7. International Data Transfers

As a global organization with offices in Mumbai, UK, Singapore, and Abu Dhabi, we may transfer data internationally. All transfers are protected by:

  • Adequacy decisions where applicable
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Appropriate technical and organizational measures

8. Data Security

We implement robust security measures including:

  • Cyber Essentials and Cyber Essentials Plus certification
  • End-to-end encryption for data transmission
  • Multi-factor authentication and access controls
  • Regular security audits and penetration testing
  • Staff training on data protection and security
  • Incident response and breach notification procedures

9. Data Retention

We retain personal data only as long as necessary for:

  • Service provision and contractual obligations
  • Legal and regulatory compliance requirements
  • Legitimate business interests

Care-related data is retained in accordance with Care Act 2014 requirements and NHS Digital guidance.

10. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time

11. Cookies and Tracking

We use cookies and similar technologies to:

  • Ensure platform functionality and security
  • Analyze usage patterns and improve services
  • Provide personalized experiences
  • Enable social media integration

You can manage cookie preferences through your browser settings.

12. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children without appropriate parental consent and safeguarding measures.

13. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes through our platforms or direct communication.

14. Contact Us

For privacy-related inquiries, data subject requests, or concerns:

Data Protection Officer: privacy@kashyapconsultancy.com
Phone: +44 (0) 20 1234 5678
Address: Kashyap Consultancy, UK Operations Center

Supervisory Authority:
Information Commissioner's Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113

Last updated: January 2025