Legal

Cookie Policy

Last updated: 1 April 2025. This policy explains how CareShift uses cookies and similar technologies, and how you can control them.

ICO Guidance Compliant. Our cookie practices follow the guidance issued by the Information Commissioner's Office (ICO) under the Privacy and Electronic Communications Regulations (PECR) and UK GDPR.

1. What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently, to improve user experience, and to provide information to website owners.

Similar technologies include web beacons, pixels, local storage, and session tokens, which function in a comparable way to cookies. This policy covers all such technologies.

2. How We Use Cookies

CareShift uses cookies for the following purposes:

Category	Purpose	Examples	Consent Required?
Strictly Necessary	Essential for the platform to function. Cannot be disabled.	Session authentication token, CSRF protection, load balancer cookies	No — exempt under PECR
Functional	Remember your preferences and settings to improve your experience.	Sidebar state, notification preferences, language settings	Yes
Analytics	Understand how users interact with the platform to improve features.	Anonymous page view counts, feature usage statistics (no personal data shared)	Yes
Performance	Monitor platform performance and diagnose errors.	Error tracking (anonymised), response time monitoring	Yes
Marketing	Measure the effectiveness of our marketing campaigns on the public website.	Referral tracking on the public website only (not inside the platform)	Yes

3. Third-Party Cookies

Some cookies on the CareShift public website may be set by third-party services. We use only third parties who comply with UK GDPR and PECR. Current third-party cookies on our public site include:

Analytics provider — anonymised usage data. Data is not shared with third parties for advertising purposes.
Error monitoring — anonymised error tracking to improve platform stability.

Inside the authenticated platform (post-login), we do not serve third-party advertising cookies.

4. Cookie Duration

Cookies set by CareShift have the following lifespans:

Session cookies — deleted when you close your browser
Persistent cookies — remain for a defined period, typically between 7 days and 12 months depending on their function

5. Your Cookie Choices

When you first visit our public website, we will ask for your consent to set non-essential cookies through our cookie banner. You can update your preferences at any time.

Browser settings: You can configure your browser to refuse all or some cookies, or to alert you when websites set cookies. Note that disabling strictly necessary cookies will affect platform functionality.

Opt-out tools: For analytics cookies, you may also use browser-level opt-out mechanisms where available.

Withdrawing consent for non-essential cookies will not affect the lawfulness of processing based on consent prior to withdrawal.

6. Strictly Necessary Cookies — Details

Strictly necessary cookies are placed to enable core functionality. Under PECR, these do not require your consent. They include:

cs_sessionMaintains your authenticated sessionSession

cs_csrfPrevents cross-site request forgery attacksSession

cs_tokenSecures API authentication30 days

7. Updates to This Policy

We may update this Cookie Policy as our use of cookies changes or to reflect changes in applicable law. We will notify you of significant changes via our cookie banner or by email. The date of the most recent update is shown at the top of this page.

8. Contact

If you have questions about our use of cookies, please contact our Data Protection Officer: dpo@careshiftltd.com

You can also read our full Privacy Policy for more information about how we handle personal data.

This Cookie Policy was last updated on 1 April 2025 and applies to careshiftltd.com and all subdomains.