CENTRIM LIFE LTD – PRIVACY POLICY (UK)

Company Number: 16529540

Registered Office: Victory House, 400 Pavilion Drive, Northampton Business Park, Northampton, NN4 7PA

Centrim Life Ltd ("Centrim Life", "we", "us", "our") is committed to protecting the privacy and security of personal data processed through:

  • The Centrim Life SaaS platform
  • The Centrim Life mobile and web applications
  • The Centrim Life corporate website (centrimlife.co.uk)

This Privacy Policy explains how we collect, use, store, and secure your personal data.

1. WHO WE ARE (DATA CONTROLLER / DATA PROCESSOR)

Depending on how our platform is used:

1.1 When we are the Data Processor

For all personal data entered into the Centrim Life SaaS platform by care homes, retirement villages, or staff users, Centrim Life acts as a Data Processor under UK GDPR.

The organisation using Centrim Life (the care provider) is the Data Controller.

1.2 When we are the Data Controller

We act as the Data Controller when:

  • Collecting data through our website (contact forms, cookies, analytics, marketing forms)
  • Collecting data from prospective customers
  • Managing our own sales, billing, and support operations
  • Managing support tickets submitted via Gleap
  • Managing error logs via Flare App

2. PERSONAL DATA WE COLLECT

2.1 Data collected through the Centrim Life application (Processor)

Data is entered by the care provider and may include:

I. Resident Data (determined by the care provider)
  • Name, room/unit
  • Dietary needs, allergies
  • IDDSI texture requirements
  • Feedback or incident records
  • Any notes or operational details added by staff

(Special Category Data may be included depending on customer configuration)

II. Staff & User Data
  • Name, role, email, phone (if provided)
  • Login credentials (hashed passwords), permissions
  • Activity logs
III. Visitor Data
  • Name, contact information
  • Visit logs
  • Sign-in/sign-out timestamps
IV. Operational Data
  • Maintenance jobs
  • Housekeeping workflows
  • Dining orders
  • Lifestyle activities
  • Facility records

Centrim Life only processes this data under the customer's instructions.

2.2 Data collected through the website and marketing activities (Controller)
I. Contact & Communication Forms
  • Name
  • Email
  • Phone number
  • Organisation details
  • Message contents
II. Marketing communications
  • Email address
  • Preferences & consent logs
III. Website analytics & cookies
  • IP address
  • Device/browser information
  • Pages visited
  • Session duration
  • Referrer URL

We may use Google Analytics, server-level logs, and security logs.

IV. Support Tickets (Gleap)
  • User email (optional)
  • Screenshots
  • Diagnostic logs
  • Steps leading to the issue
V. Error Logging (Flare App)
  • Error details
  • Request URL
  • User ID (if present in context)
  • Technical device/browser metadata

3. HOW WE USE PERSONAL DATA

3.1 As a Data Processor

We process data strictly to:

  • Provide the SaaS application
  • Support operational workflows
  • Maintain system security
  • Provide technical support

We do not use customer data for marketing, profiling, analytics, or any unrelated purpose.

3.2 As a Data Controller (for website & sales operations)

We process data to:

  • Respond to enquiries
  • Provide product demos
  • Send requested information
  • Improve the website
  • Maintain security and prevent misuse
  • Manage billing and customer account administration
  • Provide support services
3.3 Legal Bases

Depending on context:

  • Legitimate interests — responding to enquiries, securing systems
  • Performance of a contract — providing our services
  • Legal obligations — recordkeeping, finance
  • Consent — when subscribing to marketing emails

4. DATA SHARING & SUB-PROCESSORS

Centrim Life uses carefully selected sub-processors:

Sub-Processor Purpose Location
AWS UK (London Region) Hosting, infrastructure, storage United Kingdom
Postmark (EU/UK) Transactional email delivery EU/UK
Gleap (EU) In-app bug reporting & diagnostics EU
Flare App (EU) Error logging & crash reporting EU
Centrim Life Pty Ltd (UK-bound access only) Technical support Access only to UK systems
E-Caret Solutions (UK-bound access only) Technical support & development assistance Access only to UK systems
  • We do not sell or share personal data with advertisers.
  • We do not transfer application or resident data outside the UK.

5. INTERNATIONAL TRANSFERS

  • All application data is stored exclusively within the United Kingdom.
  • Sub-processor services run in UK or EU data centres (GDPR adequate).
  • Centrim Life Pty Ltd and E-Caret Solutions staff access only UK-hosted systems and no data is stored offshore.
  • No international transfers occur under Chapter V UK GDPR.

6. DATA RETENTION

6.1 Application data (Processor)

Retention is determined by the Customer (Data Controller).

After termination:

  • Live data deleted within 30 days
  • Backups deleted within 30–60 days
  • Destruction certificate issued
6.2 Website, sales & support data (Controller)
  • Contact form enquiries: 24 months
  • Marketing email lists: until unsubscribe
  • Website analytics: 26 months
  • Support tickets: 12 months
  • Error logs: 30–90 days

7. SECURITY MEASURES

Centrim Life enforces:

  • UK-only hosting (AWS London)
  • Encryption at rest (AES-256)
  • Encryption in transit (TLS 1.2+)
  • Access control with MFA & SSO
  • Role-based access control (RBAC)
  • Network-level firewalls & WAF
  • Vulnerability scanning & pen testing
  • Audit logging and monitoring
  • Strict least-privilege access
  • Disaster recovery with RTO 1 hour, RPO 4 hours.

8. YOUR RIGHTS

Under UK GDPR you have rights to:

  • Access your data
  • Correct inaccurate data
  • Request erasure
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent (marketing emails)

To exercise rights, contact: privacy@centrimlife.co.uk

Requests relating to data inside customer systems must be directed to the care provider who acts as Data Controller.

9. COOKIES

We use cookies for:

  • Essential website functionality
  • Analytics (Google Analytics / server logs)
  • Security and fraud prevention
  • Performance optimisation

Users can manage cookies via browser settings.

A full cookie policy can be generated separately.

10. CHILDREN'S DATA

  • Centrim Life does not target or market to children.
  • Resident data is entered by the care provider in compliance with safeguarding and lawful basis requirements.

11. CHANGES TO THIS POLICY

  • We may update this Privacy Policy periodically.
  • Changes will be posted on our website with the updated effective date.

12. CONTACT US

For privacy requests or concerns:

Data Protection Officer
Centrim Life Ltd
Victory House
400 Pavilion Drive
Northampton Business Park
Northampton, NN4 7PA

Email: privacy@centrimlife.co.uk

Phone: +44 (0) 1604 279636

CENTRIM LIFE LTD – END USER LICENCE AGREEMENT

Company Number: 16529540

This End User Licence Agreement (EULA) governs access to and use of the Centrim Life software platform, websites, web portals, mobile applications, modules, dashboards, APIs, reporting tools and related services made available in the United Kingdom by Centrim Life Ltd (Centrim Life, we, us, or our).

By accessing or using Centrim Life, you agree to comply with this EULA. If you do not agree to this EULA, you must not access or use the Platform.

This EULA applies to individual users who access or use the Platform, including staff, contractors, administrators, managers, maintenance personnel, lifestyle staff, dining and kitchen staff, concierge staff, reception staff, sales and admissions staff, suppliers, residents, family members, representatives, visitors and other authorised users.

1. IMPORTANT USER CATEGORIES

1.1 This EULA applies to different types of users.

1.2 Business Users means users who access the Platform in connection with their employment, engagement, contract, role or work for a Customer. This includes employees, contractors, managers, administrators, maintenance personnel, kitchen staff, lifestyle staff, concierge staff, reception staff, sales staff, suppliers and other work-related users.

1.3 External Users means users who are not Business Users but are given access to part of the Platform by or on behalf of a Customer. This may include residents, family members, representatives, visitors, nominees, substitute decision-makers or other external users.

1.4 Some terms in this EULA apply to all users. Some terms apply specifically to Business Users or External Users.

2. RELATIONSHIP BETWEEN THIS EULA AND THE CUSTOMER AGREEMENT

2.1 Centrim Life is provided to a care provider, retirement living operator, housing provider or other organisation under a separate subscription agreement, order form, SaaS agreement, data processing agreement, support schedule, statement of work or similar commercial agreement between Centrim Life and that organisation (Customer Agreement).

2.2 The organisation that has contracted with Centrim Life is referred to as the Customer.

2.3 This EULA applies to you as an individual user. The Customer Agreement governs the commercial relationship between Centrim Life and the Customer, including subscription fees, service scope, module availability, implementation services, support arrangements, service levels, data processing terms and termination rights.

2.4 If there is any inconsistency between this EULA and the Customer Agreement, the Customer Agreement will prevail to the extent of the inconsistency, except where this EULA imposes individual user obligations relating to account security, acceptable use, confidentiality, privacy, data protection, misuse or unauthorised access.

2.5 The Customer is responsible for deciding which users may access the Platform, what information they may see, which modules they may use and what permissions they are given.

3. DEFINITIONS

In this EULA:

  • Authorised User means an individual who has been authorised by the Customer or Centrim Life to access and use the Platform.
  • Business User has the meaning given in clause 1.2.
  • Customer means the organisation that has contracted with Centrim Life for access to the Platform.
  • Customer Agreement has the meaning given in clause 2.1.
  • Customer Data means information, records, documents, content, images, comments, maintenance records, asset information, resident-related information, family information, staff information, supplier information, contractor information, visitor information, dining information, lifestyle information, feedback records, complaint records, CRM or enquiry records, communication records, user activity data or other data submitted to or processed within the Platform on behalf of the Customer.
  • External User has the meaning given in clause 1.3.
  • Platform means the Centrim Life software platform, including web applications, mobile applications, portals, dashboards, modules, APIs, reporting tools, administrative tools and related software services.
  • Services means the software access, hosting, support, maintenance, updates, implementation assistance and related services provided by Centrim Life under the Customer Agreement.
  • User Content means any information, comments, notes, attachments, photographs, documents, forms, responses, requests, updates or other materials submitted by a user through the Platform.

4. PLATFORM SCOPE

4.1 Centrim Life may include one or more of the following modules or functions, depending on the Customer's subscription and configuration:

  1. Maintenance and Asset Management;
  2. Dining and Kitchen Management;
  3. Lifestyle and Activities Management;
  4. Feedback, Complaints, Compliments and Quality Management;
  5. Communication and Notices;
  6. Visitor Management;
  7. Concierge and Resident Services;
  8. CRM, Enquiry and Lead Management;
  9. Family, Resident and Representative Portals or Apps;
  10. Reporting, dashboards and administrative tools;
  11. document, task, workflow, audit and notification functions; and
  12. other modules, features, integrations or services made available by Centrim Life from time to time.

4.2 The specific modules available to you will depend on the Customer's subscription, your role, your permissions, your site access and the Customer's configuration of the Platform.

4.3 The Platform does not include the Australian Higher Everyday Living Fee / HELF module in the United Kingdom unless expressly agreed in writing by Centrim Life and the Customer.

4.4 Any UK-specific premium services, optional services, billing, resident services, AI-assisted features, clinical functionality, custom workflow or bespoke integration may be subject to additional terms, an order form, a module schedule or a separate statement of work.

5. LICENCE TO USE THE PLATFORM

5.1 Subject to this EULA and the Customer Agreement, Centrim Life grants you a limited, non-exclusive, non-transferable, non-sublicensable and revocable licence to access and use the Platform.

5.2 Business Users may use the Platform solely for the Customer's authorised internal business and operational purposes.

5.3 External Users may use the Platform solely for the limited purposes made available to them by the Customer, such as viewing authorised information, submitting requests, communicating with the Customer, making bookings or using resident or family app functions.

5.4 You must only use the Platform:

  1. as an Authorised User;
  2. for legitimate and authorised purposes;
  3. in accordance with this EULA, the Customer's policies and any instructions provided by the Customer; and
  4. within the scope of the modules, sites, homes, residents, families, records, permissions and functions made available to you.

5.5 You must not use the Platform for unauthorised, unlawful, harmful, misleading, abusive, competitive or improper purposes.

6. CUSTOMER CONFIGURATION AND RESPONSIBILITY

6.1 The Customer is responsible for determining how the Platform is configured and used within its organisation.

6.2 This includes responsibility for:

  1. user permissions;
  2. site and home access;
  3. role-based access controls;
  4. onboarding and offboarding users;
  5. module settings;
  6. workflow design;
  7. escalation pathways;
  8. approval processes;
  9. family, resident and representative access;
  10. communication settings;
  11. reporting use;
  12. internal policies and procedures; and
  13. determining what information is entered into or made visible through the Platform.

6.3 Centrim Life is not responsible for the Customer's internal policies, operational decisions, regulatory compliance, staffing decisions, care decisions, safeguarding decisions, complaint handling, food safety processes, maintenance decisions, admissions processes, billing decisions or failure to act on information recorded in the Platform.

6.4 The Customer remains responsible for ensuring that its use of the Platform complies with applicable laws, regulatory requirements, care standards, data protection obligations, consumer obligations, safeguarding obligations, food safety obligations, health and safety obligations and internal governance requirements.

7. USER ACCOUNTS AND ACCESS SECURITY

7.1 You are responsible for maintaining the confidentiality and security of your login credentials.

7.2 You must not:

  1. share your username, password, MFA code, access token or session access with any other person;
  2. allow another person to access the Platform using your account;
  3. use another person's account;
  4. attempt to bypass security controls, permissions, MFA, audit logs or access restrictions;
  5. continue using the Platform after your authority to access it has ended; or
  6. attempt to access information, modules, records, sites, homes, residents, families, suppliers, visitors, reports or functions that you are not authorised to access.

7.3 You must immediately notify your manager, system administrator, the Customer or Centrim Life support if you become aware of any unauthorised access, suspected account compromise, incorrect permission, data issue, security incident or privacy incident.

7.4 The Customer is responsible for managing user access, role permissions, onboarding, offboarding and internal authorisation unless otherwise agreed in the Customer Agreement.

8. ACCEPTABLE USE

8.1 You must use Centrim Life responsibly, lawfully and professionally.

8.2 You must not:

  1. upload, submit or transmit unlawful, defamatory, abusive, offensive, discriminatory, misleading, fraudulent or malicious content;
  2. use the Platform to harass, intimidate, monitor, threaten or target another person unlawfully;
  3. interfere with the operation, security, performance or availability of the Platform;
  4. introduce viruses, malware, harmful code or unauthorised scripts;
  5. scrape, crawl, copy, extract or harvest Platform data except through authorised functionality;
  6. reverse engineer, decompile, disassemble, modify, adapt or attempt to derive the source code of the Platform;
  7. use the Platform to develop, train, benchmark or improve a competing product or service;
  8. remove or obscure proprietary notices;
  9. misuse resident, family, staff, visitor, supplier, contractor or care-home information;
  10. submit false, misleading, backdated, incomplete or inappropriate records;
  11. send spam, unauthorised marketing, offensive communications or messages to incorrect recipients; or
  12. use the Platform in a way that may breach applicable law, regulation, care standards, privacy obligations, safeguarding obligations, health and safety obligations, food safety obligations or the Customer's policies.

9. CARE HOME, RETIREMENT LIVING AND OPERATIONAL USE

9.1 Centrim Life is designed to assist care providers, retirement living operators and related organisations with operational workflows, including maintenance management, dining operations, lifestyle activities, feedback and quality processes, visitor records, communication, resident and family engagement, concierge services, CRM and enquiry management, reporting and administration.

9.2 Unless expressly agreed in writing, Centrim Life is not:

  1. a clinical decision-making system;
  2. an electronic medication management system;
  3. an emergency response system;
  4. a nurse call system;
  5. a fire alarm or building safety system;
  6. a safeguarding reporting authority;
  7. a medical device;
  8. a substitute for professional care, clinical judgement, safeguarding processes, emergency procedures or regulatory obligations; or
  9. a substitute for the Customer's internal policies, procedures, approvals or escalation pathways.

9.3 Users remain responsible for applying professional judgement, following the Customer's policies, escalating urgent issues and complying with applicable laws, regulatory requirements, care standards, safeguarding requirements, workplace obligations and professional responsibilities.

10. EMERGENCY, SAFEGUARDING AND URGENT ESCALATION

10.1 The Platform must not be used as the sole method for reporting or managing emergencies, urgent resident safety issues, safeguarding concerns, clinical concerns, critical maintenance failures, fire risks, infection control risks, food safety risks, security risks or other time-sensitive matters.

10.2 Users must immediately escalate emergencies, safeguarding concerns, resident safety concerns, serious complaints, food safety risks, fire risks, infection control risks, building safety concerns or urgent operational issues through the Customer's approved urgent escalation channels.

10.3 External Users must contact the Customer directly, emergency services or another appropriate urgent contact where a matter is urgent, serious, safety-related or time-sensitive.

10.4 Logging a request, message, job, feedback item, complaint or note in Centrim Life does not guarantee that it will be reviewed immediately.

11. NO CLINICAL, LEGAL, FINANCIAL OR PROFESSIONAL ADVICE

11.1 The Platform may display, store or process information relating to residents, families, maintenance, dining, lifestyle, services, feedback, communications, enquiries and operational workflows.

11.2 Centrim Life does not provide medical, clinical, nursing, nutritional, dietetic, safeguarding, legal, financial, tax, insurance, property, employment or professional advice.

11.3 Users must not rely on the Platform as the sole basis for clinical, safeguarding, legal, financial, employment, billing, care, dietary, resident safety, admissions or regulatory decisions.

11.4 Where information in the Platform is relevant to care, safety, food, dietary, allergy, texture, safeguarding or resident wellbeing matters, users must verify that information in accordance with the Customer's approved procedures before relying on it.

12. CUSTOMER DATA AND USER CONTENT

12.1 Customer Data belongs to the Customer or its licensors, not to Centrim Life.

12.2 You are responsible for the User Content you submit through the Platform.

12.3 You must ensure that User Content is:

  1. accurate to the best of your knowledge;
  2. relevant to the task, workflow, resident, family, site, enquiry, job, activity, feedback item, complaint, communication or report;
  3. not excessive;
  4. not misleading;
  5. not offensive or inappropriate;
  6. entered in the correct module or field; and
  7. entered in accordance with the Customer's policies and applicable law.

12.4 Centrim Life may process, store, transmit, back up, access or use Customer Data and User Content as necessary to provide, secure, maintain, support, improve and administer the Services, subject to the Customer Agreement and applicable data protection terms.

12.5 You acknowledge that activity within the Platform may be logged, audited, monitored or reviewed by the Customer and/or Centrim Life for security, support, compliance, troubleshooting, performance, audit and operational purposes.

13. RECORDS AND REPORTS

13.1 The Platform may be used to record, manage, display and report information relating to operational workflows.

13.2 Unless expressly agreed in the Customer Agreement, the Platform is an operational workflow and record-management tool and is not the Customer's sole or definitive statutory, clinical, financial, regulatory, safeguarding, complaint, food safety, health and safety or care record.

13.3 Reports, dashboards, exports and analytics may depend on the accuracy, completeness and timeliness of data entered by users and received from third-party systems.

13.4 The Customer is responsible for validating reports, dashboards and exports before using them for regulatory, financial, contractual, employment, care, safeguarding, compliance or formal decision-making purposes.

14. PERSONAL DATA AND PRIVACY

14.1 Centrim Life processes personal data in accordance with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018, where applicable.

14.2 Where Centrim Life processes Customer Data containing personal data on behalf of the Customer, Centrim Life does so as processor and the Customer acts as controller, unless the Customer Agreement or Data Processing Agreement expressly states otherwise.

14.3 The processing of personal data by Centrim Life is governed by the applicable Data Processing Agreement between Centrim Life and the Customer.

14.4 Individual users must comply with the Customer's instructions, policies, privacy notices, lawful basis requirements, data minimisation obligations, access controls and retention requirements when using the Platform.

14.5 You must only access, use, disclose, upload or process personal data where you are authorised to do so and where it is necessary for your role or authorised use of the Platform.

14.6 You must not export, copy, download, screenshot, disclose or share personal data from the Platform unless authorised by the Customer and permitted by applicable law.

14.7 You must promptly report any actual or suspected privacy breach, unauthorised disclosure, incorrect access, data loss or data security issue in accordance with the Customer's incident reporting procedures.

14.8 Centrim Life's Privacy Policy may provide further information about how Centrim Life handles personal data in connection with the Platform.

15. SPECIAL CATEGORY DATA AND SENSITIVE INFORMATION

15.1 The Platform may contain or process sensitive information, including information relating to residents, health, dietary needs, allergies, food texture requirements, family circumstances, complaints, safeguarding matters, financial representatives, service requests or wellbeing.

15.2 Users must not enter health information, dietary information, allergy information, safeguarding information, financial information or other sensitive personal data unless it is necessary, authorised, accurate and entered in accordance with the Customer's policies and applicable data protection laws.

15.3 Users must avoid entering unnecessary sensitive information in free-text fields, comments, attachments, photographs, notes or communications.

15.4 Users must only upload photographs or documents containing personal or sensitive information where there is a legitimate operational reason and they are authorised to do so.

16. CONFIDENTIALITY

16.1 You may have access to confidential information belonging to Centrim Life, the Customer, residents, families, staff, visitors, suppliers, contractors or third parties.

16.2 You must keep confidential information secure and must not use or disclose it except as authorised and required for legitimate purposes.

16.3 Confidential information includes:

  1. resident, family, staff, visitor, supplier and contractor information;
  2. care-home and retirement living operational information;
  3. maintenance records, dining records, lifestyle records, feedback records, complaint records, incident-related information, quality records, audit records, enquiry records and reports;
  4. Platform functionality, pricing, security information, workflows, documentation and technical information; and
  5. any information that should reasonably be understood to be confidential.

16.4 Your confidentiality obligations continue after your access to the Platform ends.

17. INTELLECTUAL PROPERTY

17.1 Centrim Life and its licensors own all intellectual property rights in the Platform, including software, source code, object code, architecture, designs, interfaces, workflows, databases, templates, documentation, branding, trade marks, know-how and related materials.

17.2 Except for the limited licence expressly granted under this EULA, you receive no ownership rights in the Platform.

17.3 You must not copy, reproduce, modify, distribute, sell, lease, host, resell, sublicense, commercially exploit or create derivative works based on the Platform.

17.4 Feedback, suggestions, ideas, enhancement requests or recommendations provided by you may be used by Centrim Life to improve the Platform without restriction or obligation to compensate you, provided Centrim Life does not disclose Customer confidential information in doing so.

18. THIRD-PARTY SERVICES, INTEGRATIONS AND SOURCE SYSTEMS

18.1 The Platform may interoperate with third-party systems, hosting providers, communication tools, identity providers, digital signing platforms, email services, analytics tools, payment providers, APIs, clinical systems, CRM systems or other integrations.

18.2 Your use of third-party services may be subject to separate terms, privacy notices, security arrangements and service availability.

18.3 Centrim Life is not responsible for third-party systems, outages, errors, data issues, changes, delays or failures except to the extent expressly stated in the Customer Agreement.

18.4 Where data is imported, synced, displayed or received from a third-party system or Customer system, users must verify its accuracy before relying on it for operational, care, safety, billing, dietary, allergy, safeguarding, compliance or reporting purposes.

18.5 The Customer is responsible for ensuring that it has the right to connect third-party systems, share data with Centrim Life and use integrated workflows.

19. AI-ASSISTED FEATURES

19.1 The Platform may include AI-assisted, automation-assisted or recommendation-based features from time to time.

19.2 AI-assisted outputs are provided to assist users and must not be treated as final, complete, verified or professional advice.

19.3 Users must review, validate and approve AI-assisted outputs before relying on them, sending them, submitting them, actioning them or using them in records.

19.4 AI-assisted features must not be used as the sole basis for clinical, safeguarding, legal, financial, employment, billing, care, dietary, resident safety, admissions, regulatory or disciplinary decisions.

19.5 The availability and scope of AI-assisted features may be subject to additional terms, Customer configuration, module availability and applicable laws.

20. MOBILE APPLICATIONS AND APP STORES

20.1 If you access Centrim Life through a mobile application, you are responsible for maintaining the security of your device.

20.2 You must not use the mobile application on a device that is compromised, jailbroken, rooted, insecure, shared inappropriately or used in a way that may expose Customer Data.

20.3 You must promptly install updates made available for the mobile application where required for security, compatibility or continued use.

20.4 Mobile app store providers, including Apple and Google, are not parties to this EULA and are not responsible for providing maintenance, support or services for the Platform.

20.5 Your use of a mobile application may also be subject to applicable app store terms and device operating system requirements.

21. COMMUNICATIONS, MESSAGING AND MARKETING

21.1 Where the Platform is used to send messages, notices, updates, announcements, emails, SMS messages, app notifications or other communications, the Customer is responsible for ensuring that such communications are lawful, authorised, accurate and sent to the correct recipients.

21.2 Users must not send unauthorised marketing communications, sensitive information, confidential information or personal data to recipients unless authorised by the Customer and permitted by applicable law.

21.3 Users must take care when selecting recipients, groups, sites, homes, residents, family members, representatives or staff before sending communications.

21.4 The Customer is responsible for ensuring that it has appropriate consent, lawful basis or other authority to send communications through the Platform.

22. CONCIERGE, OPTIONAL SERVICES AND PAYMENTS

22.1 Where the Concierge or Resident Services module is used for service requests, bookings, optional services, payments, billing or resident services, the Customer is responsible for the relevant service descriptions, prices, approvals, consents, fulfilment, refunds, taxes, complaints and disputes.

22.2 Centrim Life provides software functionality only unless expressly agreed otherwise in the Customer Agreement.

22.3 Users must not promise services, charges, discounts, refunds, approvals, availability or outcomes unless authorised by the Customer.

22.4 External Users should contact the Customer directly regarding any service delivery issue, billing issue, refund request, complaint or dispute relating to goods or services offered by the Customer.

23. AVAILABILITY, SUPPORT AND CHANGES

23.1 Platform availability, service levels, support commitments, maintenance windows and response times are governed by the Customer Agreement.

23.2 Centrim Life may update, modify, improve, enhance, suspend or discontinue parts of the Platform from time to time, provided this is done in accordance with the Customer Agreement.

23.3 Centrim Life may suspend or restrict your access if:

  1. required by the Customer;
  2. your account is suspected of being compromised;
  3. you breach this EULA;
  4. your access creates a security, legal, operational, privacy or data protection risk;
  5. required by law or a competent authority; or
  6. necessary to protect the Platform, Customer Data, other users or Centrim Life's systems.

24. NO SEPARATE WARRANTIES TO BUSINESS USERS

24.1 The Platform is provided to Business Users under the Customer Agreement.

24.2 To the maximum extent permitted by law, Centrim Life does not provide any separate warranty, representation, guarantee, service commitment or remedy directly to Business Users.

24.3 Any warranties, service commitments, support obligations, service credits or remedies are provided to the Customer under the Customer Agreement and not separately to Business Users.

25. EXTERNAL USERS AND CONSUMER RIGHTS

25.1 Where you use the Platform as an External User, your access is provided because the Customer has chosen to make certain Platform functions available to you.

25.2 External Users must only use the Platform for the purposes made available by the Customer.

25.3 External Users must not misuse the Platform, access another person's information, submit abusive or unlawful content, interfere with the Platform, send inappropriate communications or rely on the Platform for urgent care, safeguarding, emergency, clinical, legal or financial matters.

25.4 Nothing in this EULA excludes, restricts or limits any statutory rights that apply to an individual user where those rights cannot lawfully be excluded, restricted or limited.

25.5 Where you use the Platform as a consumer, this EULA applies only to the extent permitted by applicable law.

26. LIMITATION OF LIABILITY

26.1 Nothing in this EULA excludes or limits liability where it would be unlawful to do so, including liability for death or personal injury caused by negligence, fraud, fraudulent misrepresentation, breach of any obligation that cannot lawfully be excluded, or any other liability that cannot lawfully be excluded or limited.

26.2 To the maximum extent permitted by law, Centrim Life's contractual obligations, service commitments, warranties, service credits, support obligations and remedies are owed to the Customer under the Customer Agreement and not separately to individual users.

26.3 Subject to clauses 26.1 and 26.2, Centrim Life will not be liable to an individual user for:

  1. loss of profit, revenue, business, goodwill, opportunity, anticipated savings or reputation;
  2. indirect, special, incidental, punitive or consequential loss;
  3. loss arising from unauthorised use of the user's account caused by the user's failure to protect login credentials;
  4. loss arising from the user's breach of this EULA or the Customer's policies;
  5. loss arising from third-party systems, integrations, source systems or services;
  6. loss arising from inaccurate, incomplete or delayed information entered by users or third-party systems;
  7. loss arising from reliance on the Platform as a substitute for professional judgement, urgent escalation, clinical processes, safeguarding procedures, emergency procedures, food safety processes or regulatory compliance processes; or
  8. matters governed by the Customer Agreement.

26.4 Any liability owed by Centrim Life to the Customer is governed by the Customer Agreement.

26.5 This clause does not affect any rights that cannot lawfully be excluded or limited.

27. USER RESPONSIBILITY AND INDEMNITY

27.1 You are responsible for your own misuse of the Platform, breach of this EULA, unauthorised access, unauthorised disclosure or unlawful use of data.

27.2 Business Users agree, where permitted by law, to indemnify Centrim Life for losses, claims, damages, costs or expenses arising from their intentional misuse of the Platform, unlawful conduct, unauthorised disclosure of confidential information, infringement of intellectual property rights or serious breach of this EULA.

27.3 The indemnity in clause 27.2 does not apply to External Users acting as consumers, except to the extent permitted by applicable law.

27.4 This clause does not limit any rights or obligations that may exist between you and the Customer under employment, contractor, confidentiality, professional, resident, family, representative or workplace policies.

28. SUSPENSION AND TERMINATION OF ACCESS

28.1 Your right to use the Platform will end immediately if:

  1. the Customer withdraws your access;
  2. your employment, engagement, residency-related access, family access, representative access or other authorisation with the Customer ends;
  3. the Customer Agreement expires or terminates;
  4. Centrim Life suspends or terminates access in accordance with this EULA or the Customer Agreement; or
  5. you breach this EULA.

28.2 On termination of access, you must stop using the Platform and must not attempt to regain access without authorisation.

28.3 Termination of your access does not affect clauses intended to survive, including confidentiality, intellectual property, privacy, data protection, limitation of liability, indemnity and governing law.

29. AUDIT LOGS AND MONITORING

29.1 The Platform may record audit logs, including login activity, user actions, timestamps, IP addresses, device information, data changes, task updates, comments, attachments, form submissions, administrative actions and workflow activity.

29.2 Audit logs may be used for security, support, compliance, investigation, dispute resolution, operational reporting, regulatory purposes and audit purposes.

29.3 You must not attempt to alter, conceal, delete, interfere with or bypass audit logs.

30. EXPORT CONTROLS AND RESTRICTED USE

30.1 You must not use the Platform in breach of applicable sanctions, export control laws or restrictions.

30.2 You must not access or use the Platform from a location, organisation or account that is prohibited by applicable law or by Centrim Life's reasonable security requirements.

31. UPDATES TO THIS EULA

31.1 Centrim Life may update this EULA from time to time.

31.2 Where changes are material, Centrim Life may provide notice through the Platform, by email, through the Customer or by another reasonable method.

31.3 Continued use of the Platform after the updated EULA takes effect will constitute acceptance of the updated EULA.

31.4 Where required by law, Centrim Life will obtain appropriate consent or provide additional notice before material changes apply to individual users.

32. GOVERNING LAW AND JURISDICTION

32.1 This EULA is governed by the laws of England and Wales.

32.2 The courts of England and Wales will have exclusive jurisdiction in relation to any dispute arising out of or in connection with this EULA, subject to any mandatory rights or alternative dispute arrangements that cannot lawfully be excluded.

33. CONTACT

For questions about this EULA, please contact:

Centrim Life Ltd
Email: dpo@centrimlife.co.uk
Website: www.centrimlife.co.uk
Registered Office:
Victory House, 400 Pavillion Drive
Northampton Business Park
Northampton, NN4 7PA
United Kingdom
Company Number: 16529540

SCHEDULE 1 — ADDITIONAL USER RULES FOR CARE HOME AND RETIREMENT LIVING ENVIRONMENTS

1. RESIDENT, FAMILY AND REPRESENTATIVE INFORMATION

Users must treat resident, family, representative and visitor information with care and confidentiality. Users must only access such information where necessary for their authorised role or permitted use.

2. PHOTOGRAPHS AND ATTACHMENTS

Users must not upload photographs of residents, family members, staff, visitors, private rooms, personal belongings, medical information or sensitive areas unless authorised and necessary for a legitimate operational purpose.

3. SAFETY ESCALATION

Where an issue may affect resident safety, safeguarding, fire safety, infection control, food safety, building safety, access, heating, cooling, water, electricity, care delivery or urgent operations, users must follow the Customer's urgent escalation process and must not rely solely on logging the issue in Centrim Life.

4. ACCURACY OF RECORDS

Users must not intentionally enter false, misleading, incomplete, backdated or inappropriate information into the Platform.

5. PROFESSIONAL LANGUAGE

Comments, notes and records entered into Centrim Life must be professional, factual, respectful and suitable for audit, management review, complaint review or regulatory scrutiny.

6. ROLE-BASED ACCESS

Users must not attempt to view or access records for another site, home, resident, family, supplier, asset, job, enquiry, activity, visitor, complaint, feedback item or department unless authorised to do so.

SCHEDULE 2 — DATA PROTECTION SUMMARY FOR USERS

  1. The Customer usually decides what personal data is entered into Centrim Life and why it is used.
  2. Centrim Life usually processes that data on the Customer's behalf to provide the Platform.
  3. Users must only enter personal data that is necessary, accurate, relevant and authorised.
  4. Users must not export, share, photograph, screenshot or disclose personal data unless authorised.
  5. Suspected privacy or security incidents must be reported promptly.
  6. Centrim Life may use technical and organisational measures such as access controls, encryption, audit logs, backups, monitoring and role-based permissions to protect Customer Data.
  7. Data retention, export, deletion and return are governed by the Customer Agreement and the Customer's instructions.
  8. Users should avoid entering unnecessary sensitive personal data into comments, free-text fields, attachments and communications.

SCHEDULE 3 — MODULE-SPECIFIC USER TERMS

1. MAINTENANCE, HOUSEKEEPING AND ASSET MANAGEMENT

1.1 The Maintenance and Asset Management module is intended to assist with maintenance requests, asset records, contractor coordination, planned maintenance, reactive maintenance, reporting and operational oversight.

1.2 The module does not replace the Customer's legal obligations for health and safety, fire safety, building compliance, contractor compliance, workplace safety, safeguarding, care-quality compliance or regulatory reporting.

1.3 Users must ensure that jobs are categorised, prioritised, assigned, updated and closed in accordance with the Customer's internal process.

1.4 Urgent safety issues must be escalated outside the Platform using the Customer's approved urgent response process.

1.5 Users must not use the module to store unnecessary sensitive personal data.

2. DINING AND KITCHEN MANAGEMENT

2.1 The Dining and Kitchen Management module is intended to assist with menus, meal services, kitchen workflows, resident preferences, dietary information, meal orders, production reports and related dining operations.

2.2 The module does not replace the Customer's responsibility for food safety, allergen management, dietitian input, clinical advice, modified texture compliance, resident nutrition, kitchen procedures or regulatory obligations.

2.3 Users must ensure that dietary, allergy, texture, preference and meal information entered into or displayed by the Platform is accurate, current and verified in accordance with the Customer's internal procedures.

2.4 Urgent food safety, allergen, choking risk, nutrition or resident safety concerns must be escalated through the Customer's approved process and must not rely solely on the Platform.

2.5 Users must not make unauthorised clinical, dietary, allergy or texture changes unless permitted by their role and the Customer's procedures.

3. LIFESTYLE AND ACTIVITIES MANAGEMENT

3.1 The Lifestyle and Activities module is intended to assist with activity planning, attendance, resident engagement, calendars, lifestyle records, communications and reporting.

3.2 Users must record lifestyle participation, preferences, feedback and engagement information accurately and respectfully.

3.3 Users must not include inappropriate comments, assumptions, sensitive personal opinions or unnecessary health information in lifestyle records.

3.4 The module does not replace professional judgement, resident consent processes, safeguarding obligations, risk assessment or the Customer's care and wellbeing responsibilities.

4. FEEDBACK, COMPLAINTS, COMPLIMENTS AND QUALITY MANAGEMENT

4.1 The Feedback and Quality module is intended to assist with recording, tracking, managing, reviewing and reporting feedback, complaints, compliments, suggestions, quality actions, audits, surveys, risks, incidents, improvement items and related processes.

4.2 Users must ensure feedback and quality records are factual, professional, respectful and entered in accordance with the Customer's complaint handling and quality procedures.

4.3 The module does not replace the Customer's regulatory, complaint handling, safeguarding, duty of candour, quality assurance, incident reporting or notification obligations.

4.4 Serious complaints, safeguarding concerns, reportable incidents or urgent risks must be escalated through the Customer's approved escalation channels.

5. COMMUNICATION AND NOTICES

5.1 The Communication module is intended to assist with sending or displaying authorised communications, notices, updates, messages, announcements and related content.

5.2 Users must ensure communications are accurate, appropriate, authorised and intended for the correct audience.

5.3 Users must not use the communication functions to send spam, offensive content, unauthorised marketing, confidential information to unauthorised recipients or messages that breach privacy, employment, safeguarding, consumer protection or communication obligations.

5.4 The Customer remains responsible for approving communications and ensuring they are suitable for residents, families, staff, visitors and other recipients.

6. VISITOR MANAGEMENT

6.1 The Visitor Management module is intended to assist with visitor registration, check-in, check-out, visitor records, site access information and related operational processes.

6.2 The module does not replace the Customer's responsibilities for site security, safeguarding, infection control, emergency management, access control or visitor screening procedures.

6.3 Users must not misuse visitor information or access visitor records unless authorised.

6.4 Any urgent concern relating to an unauthorised visitor, safeguarding risk, emergency, infection control issue or site safety risk must be escalated through the Customer's approved process.

7. CONCIERGE AND RESIDENT SERVICES

7.1 The Concierge module is intended to assist with resident requests, service requests, bookings, optional services, tasks, approvals, communications and related operational workflows.

7.2 Users must ensure that resident and family requests are recorded accurately and handled in accordance with the Customer's policies.

7.3 Users must not promise services, charges, refunds, approvals, availability or outcomes unless authorised by the Customer.

7.4 Where payment, billing or optional service information is used, the Customer remains responsible for ensuring that charges, approvals, disclosures, resident consent, refunds and financial processes comply with applicable law and the Customer's policies.

8. CRM, ENQUIRY AND LEAD MANAGEMENT

8.1 The CRM, Enquiry and Lead Management module is intended to assist with enquiries, prospective residents, family contacts, tours, follow-ups, admissions-related workflows, communications and reporting.

8.2 Users must ensure enquiry records are accurate, professional and handled in accordance with privacy, consent, marketing and communication requirements.

8.3 Users must not enter misleading information, make unauthorised promises or send unauthorised marketing communications.

8.4 The module does not replace the Customer's obligations in relation to admissions, resident agreements, consumer information, capacity, consent, financial disclosure, marketing compliance or regulatory requirements.

9. FAMILY, RESIDENT AND REPRESENTATIVE APPS OR PORTALS

9.1 Family, resident and representative access may be provided where enabled by the Customer.

9.2 Users of family, resident or representative portals must only access information and functions made available to them by the Customer.

9.3 Such users must not misuse communications, submit inappropriate content, attempt to access another resident's information or use the Platform for abusive, unlawful or disruptive purposes.

9.4 The Customer is responsible for deciding what information is made available to families, residents, representatives or other external users.

9.5 Family, resident and representative users must contact the Customer directly for urgent matters, complaints, corrections, service disputes, care concerns, safeguarding concerns or emergency issues.

10. REPORTING, DASHBOARDS AND ADMINISTRATION

10.1 Reporting, dashboard, analytics and administration functions are intended to assist with operational oversight, management review, audit, quality improvement and internal reporting.

10.2 Users must not export, disclose, circulate or rely on reports outside their authorised purpose.

10.3 Reports and dashboards may depend on the accuracy and completeness of data entered by users and integrated systems.

10.4 The Customer remains responsible for validating reports before using them for regulatory, financial, contractual, employment, care, safeguarding, compliance or formal decision-making purposes.

SCHEDULE 4 — EXCLUDED OR SEPARATELY AGREED MODULES

  1. Any premium services, resident billing, optional services, AI-assisted features, clinical functionality or fee-management module may be introduced under a separate module schedule, order form or additional terms.
  2. Clinical, medication, electronic care planning, nurse call, emergency response or medical-device functionality is not included unless expressly stated in the Customer Agreement.
  3. Any custom integration, migration, data conversion, API development, bespoke workflow, custom report or third-party system connection is subject to the Customer Agreement or a separate statement of work.