You're trusting us with deeply personal information about someone you love. Here's exactly how we keep it safe.
Every page loads over HTTPS (TLS 1.2+). All notes, names and attachments are encrypted on disk in our database and storage.
Your account is the only key. Database policies enforce that you can only ever read or change your own family's data — never someone else's.
Data is stored on EU-region infrastructure (AWS via Supabase) and processed under UK GDPR. We never sell your data.
Daily logs, handover notes and journal entries are never used to train AI models. Sierra's tips use only the first name and dementia type you provide for your loved one.
Export your data or delete your account at any time from billing. Deletion removes your profile, notes, attachments and subscription record.
Card details never touch our servers. Stripe (PCI-DSS Level 1) handles checkout and stores the payment method.
If you spot something that looks like a security or privacy issue, please email hello@thecarecompanion.com and we'll respond within two working days.
Last reviewed: 20 June 2026