Care Safety Check is committed to being transparent about what data we collect, why we collect it, and how we use it. This policy explains our practices in plain language.
1. What data we collect
Information you provide directly
- Email address and first name — collected when you request the free checklist, sign up for facility monitoring alerts, or submit a contact form
- Contact form submissions — your name, email, subject, and message when you contact us
- Payment information — if you purchase a facility report, payment is processed by a third-party payment processor (currently Stripe). We do not store your credit card number, billing address, or full payment details on our servers. We receive only a transaction confirmation and the last four digits of the card used
Information collected automatically
- Basic server logs — IP address, browser type, pages visited, and timestamps, collected automatically by our hosting provider (Hostinger) for security and uptime purposes
- Analytics — if analytics are enabled, we collect aggregated, anonymized traffic data (page views, session duration, traffic source). We do not use advertising analytics or cross-site tracking
- Cookies — this site uses only essential cookies required for WordPress functionality (session management, form security tokens). We do not use advertising cookies, behavioral tracking cookies, or third-party tracking pixels
2. How we use your data
- Email address — to deliver the specific content you requested (checklist, facility alerts, contact reply) and, with your consent, occasional updates about new features or coverage expansions. We never email without a clear opt-in basis.
- Contact form data — to respond to your inquiry. We do not add contact form submissions to marketing lists without explicit consent.
- Purchase data — to confirm and fulfill your report order, and to comply with financial recordkeeping requirements.
- Server logs and analytics — to maintain site security, diagnose technical problems, and understand which content is most useful to visitors.
3. What we do not do with your data
- We do not sell your email address or personal information to third parties
- We do not share your data with care facilities listed on this site
- We do not use your data for targeted advertising
- We do not build behavioral profiles or track you across other websites
- We do not use your contact information to solicit placement referrals or facility recommendations
4. Third-party services we use
We use a small number of third-party services to operate this site. Each has its own privacy policy:
- Hostinger — website hosting. Server logs are retained per Hostinger's standard data retention policy.
- Stripe — payment processing for facility report purchases. Stripe is PCI-DSS compliant. See stripe.com/privacy.
- Email service provider — we use a third-party email platform to deliver checklist and alert emails. Your email address is stored with this provider for the sole purpose of sending communications you have requested. You can unsubscribe at any time.
We evaluate all third-party services for data privacy practices before use and do not integrate advertising networks, social media tracking pixels, or behavioral analytics platforms.
5. Data retention
- Email subscribers — your email address is retained until you unsubscribe or request deletion
- Purchase records — retained for 7 years for financial and tax compliance purposes
- Contact form submissions — retained for 12 months, then deleted
- Server logs — retained by our hosting provider per their standard policy (typically 30–90 days)
6. Your rights
Regardless of where you are located, you have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate data
- Deletion — request deletion of your personal data (subject to legal retention requirements)
- Unsubscribe — opt out of any email communication at any time via the unsubscribe link in any email or by contacting us directly
- Portability — request your data in a portable format
To exercise any of these rights, contact us at hello@caresafetycheck.com. We will respond within 10 business days.
7. Children's privacy
This site is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has submitted information to us, please contact us and we will delete it promptly.
8. Security
We use industry-standard security practices including HTTPS encryption for all data in transit, access controls limiting who can access stored data, and a payment processor (Stripe) that handles all payment data in a PCI-DSS compliant environment. No data transmission over the internet can be guaranteed 100% secure. If you have security concerns, contact us immediately.
9. California residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your CCPA rights, contact us at hello@caresafetycheck.com.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. Material changes will be communicated to email subscribers before taking effect. Continued use of the site after any update constitutes acceptance of the revised policy.
11. Contact
Privacy questions, data requests, or security concerns: hello@caresafetycheck.com.
Care Safety Check · caresafetycheck.com