1. Who we are
Nemora Healthcare Solutions Ltd ("Nemora", "we", "us", "our") is the data controller for personal information processed through the Willow app and the Willow Companion family app. We are a company registered in ENGLAND AND WALES under company number 17097373, with our registered office at 29 Fernwood, Runcorn, Cheshire, WA76UT. We are registered with the UK Information Commissioner's Office under registration number ZC107502.
Our Data Protection point of contact is info@nemorahealthcaresolutions.com.
2. What this policy covers
- Willow — the resident-facing tablet/phone app used in care homes and at home by people living with dementia.
- Willow Companion — the web app used by family members and carers to send messages, share photos and make video calls to a resident.
- nemorahealthcaresolutions.com — our marketing website.
3. The information we collect, and why
3.1 Resident profile (created by a carer or family member)
| What | Why | Where it's stored |
|---|---|---|
| Resident's first name, preferred name, decade of birth, optional life-story chapters, optional photos | Personalises the app to the resident — their name on screen, era-appropriate music and photos, their own life story | Primarily on the resident's device. A subset is stored on our servers (Cloudflare) so family-uploaded content can reach the device |
| Optional health-relevant preferences (e.g. preferred prompts, sundowning sensitivity) | Adjust the app's tone and quiet hours appropriately | Local device only |
We do not collect medical records, diagnoses, GP details, medication, or care-plan data. The carer/family member providing this information confirms they have the appropriate authority to do so on the resident's behalf.
3.2 Family member account (Willow Companion)
| What | Why | Where it's stored |
|---|---|---|
| Family member's name, relationship to the resident (e.g. "daughter"), email address | Identify who is calling/sending a message; deliver an invite link | Cloudflare KV (UK / EU edge), encrypted in transit |
| Push notification token (Apple APNs or Google FCM) | Deliver an incoming-call ring or message notification to the family member's device | Cloudflare KV. Tokens are device identifiers, not personal information; they rotate when the family member reinstalls the app |
3.3 Messages and photos sent to the resident
| What | Why | Retention |
|---|---|---|
| Short text messages from family members | Display in the resident's "Family" view | Up to 30 days on our servers, then automatically deleted. Once delivered, the message remains on the resident's device until deleted there |
| Photos uploaded by family members | Display in the resident's photo album | Held until the family member or resident's carer deletes them, or the account is closed |
3.4 Video calls
Video calls between a family member and a resident are placed peer-to-peer using Agora's real-time platform. The audio and video stream is not recorded or stored by Nemora. Agora processes the stream in transit only, and acts as a sub-processor under our data processing agreement with them. The only call-related data we keep is the channel name (a random ID), the time the call was placed, and whether it was answered — used to ring the right device and to improve reliability.
3.5 Anonymous usage statistics
Willow collects aggregate, anonymous usage statistics through Google Firebase Analytics so we can understand which features are useful and improve the app over time. The information collected for this purpose includes:
- A randomly-generated installation identifier (rotates when the app is reinstalled — not linked to a person)
- Device model, operating system, app version
- Country (derived from your IP address; the IP itself is anonymised by Firebase)
- Which screens are visited and how long they are open
- Which categories of content are used — for example "music played, source: Internet Archive, decade: 1960s"
- Whether a family call was received and answered
We do not log resident names, content titles, message bodies, song or video titles, photos, precise location, or any health information in these statistics. We have explicitly disabled advertising-identifier collection. If you would prefer to opt out of usage statistics entirely, you can turn them off in the app's Settings; this does not affect any other functionality.
3.6 Diagnostic and crash logs
When the app misbehaves we may receive a technical log entry — typically the scene that crashed, the version of the app, and the device model. These logs do not contain personal information.
3.7 Marketing website (nemorahealthcaresolutions.com)
Our public marketing pages are static HTML served by Cloudflare Pages. The site uses no analytics product, no advertising trackers, no third-party marketing scripts, and sets no cookies of its own. The information that the website may handle is limited to:
- Cloudflare server access logs. Like any website, requests to our pages are logged by our hosting provider (Cloudflare) for security and abuse-prevention purposes. These logs include the requesting IP address, the page requested, and a timestamp. They are kept for short, rolling periods by Cloudflare and we do not link them to any individual.
- Newsletter subscription — only if you choose to enter your email address into the "Subscribe" form. We use the email solely to send Willow product updates, you can unsubscribe at any time via the link in every email we send, and we do not share newsletter emails with any third party.
- Email-address obfuscation. Email addresses shown on the site are obfuscated by Cloudflare to protect them from automated harvesting. This is a server-side feature only — it doesn't track visitors or use cookies.
The website does not use Google Analytics, Facebook Pixel, or any equivalent tracking technology, so there is no cookie-consent banner — none is required under PECR (the Privacy and Electronic Communications Regulations) because no non-essential cookies are set.
4. Lawful basis for processing (UK GDPR Article 6)
| Processing | Lawful basis |
|---|---|
| Operating Willow on a resident's device for their personal use | Consent (given by the resident, or by their carer / appointed representative on their behalf) |
| Storing family member account details and message content | Performance of a contract — we cannot deliver the service without these |
| Anonymous usage statistics | Legitimate interests — improving an app used in dementia care, balanced against the very limited and aggregate nature of the data |
| Security and fraud prevention | Legitimate interests |
Because the people who use Willow may be living with dementia, where consent cannot reasonably be given by the resident themselves, the resident's carer or representative provides consent on their behalf in line with the Mental Capacity Act 2005. Carers must satisfy themselves that any family content they enable is appropriate for the resident.
5. Who we share information with
We share data with the following service providers, who are contractually bound to use it only to provide their service to us:
| Provider | What for | Where they process data |
|---|---|---|
| Cloudflare, Inc. | App backend, message and family-member storage (Workers + KV) | Global edge; we configure UK / EU edge where available |
| Google LLC (Firebase) | Push notifications to Android, anonymous usage statistics | EU and US data centres |
| Apple Inc. (APNs) | Push notifications to iOS / iPadOS | Apple's global network |
| Agora.io | Real-time video and audio calling between family and resident | Global edge — we don't store the streams |
| Internet Archive, BBC, Europeana, Smithsonian and other content providers | Public-domain music, video, photos shown in Willow. We pull this content directly; these providers don't see your data | Various |
We do not sell your information, we do not share it with advertisers, and we do not share it with care-home operators outside of the carer-managed account that the resident or family already controls.
6. International transfers
Some of our service providers (notably Google, Apple and Agora) may process data outside the United Kingdom. Where we transfer personal data outside the UK, we rely on the UK International Data Transfer Addendum to the EU Standard Contractual Clauses, or an equivalent UK adequacy decision. Anonymous usage statistics, and the technical metadata involved in delivering a video call, do not constitute personal data on the recipient side.
7. How long we keep information
| Information | Retention |
|---|---|
| Resident profile and life story | Until you delete the app or close the account |
| Family member account details | Until the family member closes the account or 24 months after the last activity, whichever is sooner |
| Family messages on our servers | 30 days, then automatically deleted |
| Push tokens | Until the device unregisters or 90 days of inactivity |
| Anonymous usage statistics | 14 months (default Firebase retention) |
| Diagnostic / crash logs | 30 days |
8. Your rights under UK GDPR
You have the right to:
- Access the personal information we hold about you
- Correct information that is wrong
- Delete your information ("right to be forgotten")
- Object to or restrict our processing
- Receive your information in a portable, machine-readable format
- Withdraw consent at any time, where we rely on consent
To exercise any of these rights, email info@nemorahealthcaresolutions.com. We will respond within 30 days. If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office at ico.org.uk or by phoning 0303 123 1113.
9. Children
Willow is designed for adult users — typically older adults living with dementia, and their adult family members and carers. The app is not directed at children under 13. If a family member's account is set up by a person under 16, a parent or guardian must provide consent in line with UK GDPR.
10. Cookies
The Willow apps do not use cookies. The marketing website (nemorahealthcaresolutions.com) uses only essential cookies that are required for the site to function. We do not set advertising or tracking cookies.
11. Security
We protect your information using industry-standard measures: TLS encryption in transit for everything we send to and from our servers, encrypted storage for sensitive fields, short-lived authentication tokens, and a server architecture (Cloudflare Workers) that doesn't expose long-lived database credentials. We restrict employee access to data on a need-to-know basis. No system is perfectly secure, however; if we ever become aware of a breach affecting your data, we will notify you and the ICO within the timescales required by UK GDPR.
12. Changes to this policy
We may update this policy as Willow evolves. When we make material changes we will notify users via the app and via the email address registered to a Willow Companion account. The "Effective" date at the top of this page always reflects the current version.
13. Contact us
Questions, concerns or rights requests:
info@nemorahealthcaresolutions.com
Nemora Healthcare Solutions Ltd
29 Fernwood, Runcorn, Cheshire, WA76UT