Privacy Policy for LocumLedger

Effective date: March 2025

1. Introduction

LocumLedger ("we", "our", "us") respects your privacy. This Privacy Policy outlines how your data is handled by the App, ensuring compliance with UK GDPR and the Data Protection Act 2018.

2. Types of Data Collected

The App collects and securely stores the following data on your device:

Personal identifiers: Names, addresses, email addresses, and phone numbers.

• Business and financial information: Bank details (securely stored in Apple's Keychain), expenses, invoices, shifts, and practices information.

• User-generated images: Uploaded receipts for expenses, stored locally.

3. Methods of Collection

• Directly inputted by you through the app interface.

• Automatically via device features (optional calendar sync, notifications).

• Backups optionally stored locally or within your Google Drive account (if enabled).

4. Purpose and Legal Basis for Processing

Your data is processed solely to:

• Manage personal and professional records.

• Provide app functionalities such as notifications, invoicing, and calendar synchronisation.

• Allow user-driven data backup and restoration.

5. Data Storage and Security

• Your data is stored using secure methods provided by iOS (SwiftData and Apple's secure Keychain technology).

• We do not store or have access to your data remotely. Your backups are created and managed entirely by you.

6. Google Drive Integration

When you choose to use our Google Drive integration feature:

• Limited Access: LocumLedger requests access to your Google Drive with limited permissions to create, read, update, and delete only the files created by our app (specifically "LocumLedgerBackup.zip").
  
  

• OAuth Tokens: Google authentication tokens are stored securely on your device and are not transmitted to our servers.
  
  

• File Storage: Backup files are created on your device and then uploaded directly to your Google Drive account, where they are stored under your Google account.
  
  

• Data Control: You maintain full control over your backup files and can delete them at any time directly from your Google Drive.
  
  

• Google API Services Compliance: Our use and transfer of information received from Google APIs adheres to Google API Services User Data Policy, including the Limited Use requirements.
  
  

• Limited Data: For security reasons, sensitive financial data (bank account details, sort codes, account numbers) stored in Apple's Keychain are NOT included in Google Drive backups. Only app data stored in SwiftData (shifts, expenses, invoices, business details excluding banking information) is included in backup files.
  
  

7. Data Sharing and Third Parties

• We do not share or transmit your data to third parties.

• If you choose Google Drive integration, data will be stored under your own Google account and governed by Google's privacy policies.

8. Your Data Rights (UK GDPR Compliance)

As we do not have access to your personal data stored within the app or backups, we are unable to directly action requests for:

• Data access

• Rectification

• Data portability

• Data deletion

You must perform these actions directly via the app or by managing your backups. If you require guidance, contact us at support@locum-ledger.co.uk for support.

For Google Drive integration specifically, you can:

• Grant or revoke LocumLedger's access to your Google Drive account at any time through Google account settings

• Delete any backup files from your Google Drive account

• Disable the Google Drive integration entirely in app settings

9. Data Security

Your data stored locally is protected using SwiftData and encrypted storage methods native to iOS. Financial data (bank account details, sort codes) are securely managed via Apple's Keychain.

10. Data Retention

Data remains on your device indefinitely unless you explicitly delete it. Backups are managed solely by you. Google authentication tokens are retained on your device until you sign out of Google Drive in the app or revoke access.

11. Children's Privacy

The App is not intended for individuals under 18.

12. Changes to this Privacy Policy

We may periodically update this Privacy Policy as necessary. Updates will be available within the app or via the App Store page. Continued use of the app indicates your acceptance of any changes.

13. Limitation of Liability

Due to the local-only data storage design, we accept no liability for any data loss, corruption, or breaches arising from device security or third-party storage services.

14. Governing Law

This Privacy Policy is governed by the laws of England and Wales.

15. Contact Information

For further information or support, please contact us at: support@locum-ledger.co.uk