Privacy Policy
Last updated: 18 May 2026
Introduction
Clear Path Care Advisory Ltd (“we”, “us”, “our”) is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, use, process, store, disclose, and protect your personal information when you:
•    visit our website; 
•    contact us; 
•    make enquiries; 
•    book consultations; 
•    purchase or use our services; or 
•    otherwise interact with us. 
We are the data controller responsible for your personal data for the purposes of applicable UK data protection legislation, including the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

Who We Are
CLEAR PATH CARE ADVISORY LTD
Company Number: 17092236
ICO Registration Number: ZC132625
Registered Office:
6 Woolhouse Way
Cringleford
Norwich
England
NR4 7FU
Email: contact@clearpathcareadvisory.com
Clear Path Care Advisory Ltd provides consultancy, advisory, administrative support, compliance, governance, and Care Quality Commission (CQC) registration support services to healthcare providers, care organisations, professionals, and individuals establishing, operating, or developing healthcare and care-related businesses.

What Information We Collect
We may collect and process the following categories of personal information.
Information You Provide Directly
This may include:
•    full name; 
•    email address; 
•    telephone number; 
•    postal address; 
•    job title; 
•    company or organisation details; 
•    payment and billing information; 
•    information submitted through forms, bookings, questionnaires, consultations, emails, calls, or correspondence; 
•    regulatory, operational, compliance, employment, governance, and application-related documentation; 
•    information relating to healthcare or care business operations; 
•    information required for CQC registration or compliance support; and 
•    any other information you choose to provide to us. 

Information Collected Automatically
When you use our website, we may automatically collect technical and usage information including:
•    IP address; 
•    browser type and version; 
•    device information; 
•    operating system; 
•    referral source; 
•    pages viewed; 
•    time spent on pages; 
•    website interaction data; and 
•    cookies and similar tracking technologies. 
Please refer to our Cookie Policy for further information.

Information Received From Third Parties
We may receive information from:
•    authorised referrers or professional contacts; 
•    payment service providers; 
•    software and technology providers; 
•    healthcare or care-related organisations where authorised; 
•    publicly available sources relevant to the Services; and 
•    regulators, authorities, or professional bodies where lawful and appropriate. 

Special Category and Sensitive Data
Due to the nature of our consultancy and compliance services, we may process special category personal data and sensitive information where relevant to the Services provided.
This may include:
•    health information; 
•    medical information; 
•    employment information; 
•    safeguarding information; 
•    DBS certificates; 
•    criminal convictions or offence information; 
•    compliance documentation; and 
•    regulatory disclosures. 
We only process this information where we have a lawful basis under UK GDPR and, where applicable, an additional lawful condition under Article 9 UK GDPR and Schedule 1 of the Data Protection Act 2018.
Processing may occur where:
•    you have provided explicit consent; 
•    processing is necessary to provide requested services; 
•    processing is necessary for compliance with legal or regulatory obligations; 
•    processing is necessary for the establishment, exercise, or defence of legal claims; or 
•    another lawful condition applies under applicable law. 

How We Use Your Information
We may use your personal information to:
•    respond to enquiries and booking requests; 
•    provide consultancy, advisory, compliance, administrative, and support services; 
•    prepare applications, reports, policies, documents, submissions, and recommendations; 
•    support CQC registration and compliance processes; 
•    communicate with authorised third parties on your behalf; 
•    process payments and administer accounts; 
•    manage contracts and service delivery; 
•    maintain business records; 
•    improve our website, systems, and services; 
•    comply with legal, regulatory, insurance, accounting, and professional obligations; 
•    investigate complaints or disputes; 
•    maintain security and prevent fraud; and 
•    send marketing communications where you have opted in or where otherwise permitted by law. 

Lawful Basis for Processing
We process personal information under one or more of the following lawful bases:
Contract
Processing is necessary to provide the services you request or to take steps prior to entering into a contract.
Consent
Where required, we rely on your consent to process certain categories of information, including some marketing activities and certain special category data.
Legal Obligation
Processing may be necessary to comply with legal or regulatory obligations.
Legitimate Interests
We may process information where necessary for our legitimate business interests, provided your rights and freedoms are not overridden.
Our legitimate interests may include:
•    operating and improving our business; 
•    service administration; 
•    fraud prevention; 
•    maintaining records; 
•    cybersecurity; 
•    quality assurance; and 
•    responding to enquiries. 

Who We Share Your Information With
We do not sell your personal information.
We may share information with:
•    IT service providers; 
•    cloud hosting providers; 
•    software and CRM providers; 
•    email and communication platforms; 
•    payment processors; 
•    accountants, auditors, insurers, lawyers, and professional advisers; 
•    approved subcontractors or administrative support providers; 
•    regulators, authorities, or law enforcement agencies where required; 
•    healthcare, compliance, or care-related organisations where authorised; and 
•    other third parties where necessary to provide the Services or comply with legal obligations. 
All third parties are expected to process personal information securely and lawfully.

International Transfers
We may use authorised personnel, subcontractors, service providers, software providers, cloud systems, or administrative support providers located in the United Kingdom, the European Economic Area (EEA), and other jurisdictions where necessary for the provision of the Services.
This may include processing in the Philippines where authorised support arrangements exist.
Where personal information is transferred outside the UK, we implement appropriate safeguards, including:
•    adequacy regulations; 
•    the UK International Data Transfer Agreement (IDTA); or 
•    the UK Addendum to Standard Contractual Clauses (SCCs), 
where required by applicable law.

Artificial Intelligence Tools
We may use artificial intelligence (“AI”) tools and automated software technologies as assistive technologies to support drafting, document preparation, administrative workflows, analysis, and delivery of our services.
AI tools are used under appropriate human supervision and outputs are subject to review where appropriate before use or delivery.
We do not knowingly input highly sensitive personal data into public AI systems without appropriate safeguards.
Any AI-assisted processing is carried out in accordance with applicable UK data protection legislation.

How We Protect Your Information
We implement reasonable technical and organisational measures designed to protect personal information against accidental loss, misuse, unauthorised access, disclosure, alteration, or destruction.
These measures may include:
•    secure storage systems; 
•    password protection; 
•    restricted access controls; 
•    encryption where appropriate; 
•    cybersecurity safeguards; 
•    staff confidentiality obligations; 
•    secure communication procedures; and 
•    system monitoring and security controls. 
While we take security seriously, no electronic transmission, cloud platform, website, internet connection, or email system can be guaranteed completely secure or uninterrupted.

How Long We Keep Your Information
We retain personal information only for as long as reasonably necessary for the purposes for which it was collected, including legal, accounting, regulatory, insurance, and reporting obligations.
Typical retention periods include:
•    active client records: duration of engagement plus up to 7 years; 
•    enquiry records where no engagement follows: up to 2 years; 
•    marketing records: until consent is withdrawn or unsubscribe occurs; 
•    website analytics data: up to 26 months; and 
•    sensitive supporting documentation, DBS certificates, and criminal offence information: only for as long as reasonably necessary for service delivery, compliance, or legal obligations. 
We may retain information for longer where required or permitted by law.

Your Rights
Under UK GDPR, you may have the following rights:
•    the right to access your personal information; 
•    the right to correct inaccurate or incomplete information; 
•    the right to request deletion of your information; 
•    the right to restrict processing; 
•    the right to object to processing; 
•    the right to data portability; 
•    the right to withdraw consent at any time where consent is relied upon; and 
•    rights relating to automated decision-making. 
To exercise your rights, contact:
contact@clearpathcareadvisory.com
We will respond in accordance with applicable legal requirements.

Marketing Communications
We may send marketing communications where you have opted in or where otherwise permitted by law.
You may unsubscribe from marketing communications at any time by:
•    clicking the unsubscribe link in emails; or 
•    contacting us directly at contact@clearpathcareadvisory.com. 

Cookies
Our website uses cookies and similar technologies to improve website functionality, analyse traffic, and enhance user experience.
Further details are available in our Cookie Policy.

Children’s Data
Our services are intended for business, professional, healthcare, and care-related purposes and are not directed at children.
We do not knowingly collect personal data directly from children under 16.
If you believe a child has provided personal information to us, please contact us so we can investigate and, where appropriate, delete the information.

Third-Party Websites
Our website may contain links to third-party websites or services.
We are not responsible for the privacy practices, content, or security of third-party websites.
We encourage you to read the privacy policies of any external websites you visit.

Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
The latest version will always be available on our website and will include the date of the latest update.

Complaints
If you have concerns about how we handle your personal information, please contact us first so we can attempt to resolve the matter.
Email: contact@clearpathcareadvisory.com
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk