This platform supports compliance workflows and does not provide legal advice. AI-assisted suggestions require human review. Final responsibility remains with the organisation.

    The Learned Care Limited — Healthcare Marketing Compliance Platform

    Privacy Policy

    Last updated: March 2025

    1. Who We Are

    The Learned Care Limited ("we", "our", "us") is a company registered in England and Wales. We provide AI-assisted healthcare marketing compliance software and advisory services to healthcare organisations in the United Kingdom.

    You can contact us at: info@tlccompliance.co.uk

    2. Information We Collect

    We may collect and process the following personal information:

    • Contact and enquiry data: Name, email address, organisation name, and the message you submit via our contact or pilot access forms.
    • Account data: Username, hashed password, name, email address, and organisational role for platform users.
    • Usage data: Compliance scan activity, content submissions, and audit records generated through use of the compliance tool.
    • Technical data: IP address, browser type, and access timestamps collected automatically when you use our platform.

    3. How We Use Your Information

    We use the information we collect to:

    • Provide and operate the platform and services
    • Respond to enquiries, pilot access requests, and contact submissions
    • Manage user accounts and organisational access
    • Maintain audit trails and compliance records as required by your organisation
    • Improve and develop our services
    • Meet our legal and regulatory obligations

    4. Legal Basis for Processing

    We rely on the following legal bases under UK GDPR:

    • Contract: Processing necessary to provide our services to you under our agreement.
    • Legitimate interests: Operating and improving our platform, responding to enquiries, and maintaining platform security.
    • Legal obligation: Retaining records as required by applicable law.
    • Consent: Where you have given specific consent, such as for marketing communications.

    5. Data Retention

    We retain personal data only as long as necessary for the purposes described in this policy, or as required by law. Compliance audit records are retained in accordance with our data retention policy, which is configurable by your organisation's administrator. You may request deletion of certain content records through the platform's audit management features.

    6. Data Security

    We take appropriate technical and organisational measures to protect personal data, including AES-256-GCM encryption for stored content snapshots, bcrypt password hashing, HTTPS transport encryption, and access controls limiting data access to authorised personnel.

    7. Sharing of Data

    We do not sell, rent, or trade your personal data. We may share data with trusted third-party service providers who support our operations (such as cloud hosting and AI processing), under appropriate data processing agreements. We do not share data with unauthorised third parties.

    8. Your Rights

    Under UK GDPR, you have the right to:

    • Access the personal data we hold about you
    • Request correction of inaccurate data
    • Request erasure of your data (subject to legal obligations)
    • Object to processing based on legitimate interests
    • Request restriction of processing
    • Data portability where applicable

    To exercise these rights, please contact us at info@tlccompliance.co.uk.

    9. Complaints

    If you have concerns about how we process your data, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.

    10. Updates to This Policy

    We may update this Privacy Policy from time to time. We will notify registered users of material changes. Continued use of the platform after changes constitutes acceptance of the updated policy.