Privacy Policy

Last updated: 26 May 2026 · Version: 1.0

1. Who we are

Here2Help is a hospital discharge companion service operating in Ireland. We are the "data controller" of the personal information we collect through this website and our service. Our registered details:

Here2Help
Based in Ireland
Contact: hello@here2help.ie · We respond within 48 hours
Data queries: privacy@here2help.ie

2. What information we collect

We only collect the information we need to deliver the service. That includes:

If you book a companion

• Your name, phone number, email address
• The patient's name (if different from yours)
• The hospital, expected discharge date and time
• The home address for drop-off, and any access notes
• Any mobility, medication, or specific care notes you provide
• Payment details (processed by Stripe — see Section 7)

If you apply to be a companion

• Your name, contact details, and county of residence
• Your professional background (care work, hackney driving, volunteering)
• Your Garda vetting status, motor insurance details, and references
• Your bank account details (after onboarding, for payment of bookings)
• Tax-relevant identifiers (PPS number, only after onboarding, for year-end summaries)

When you visit our website

• Standard server logs (IP address, browser type, pages visited, referring URL)
• Essential session cookies needed to make the booking and application forms work
• Matomo analytics — we use a self-hosted Matomo instance on mana.ie to understand how the site is used (pages viewed, time on page, referring source). Matomo is GDPR-friendly and we do not share this data with any third party. No Google Analytics, no Facebook Pixel, no advertising cookies.

3. Why we collect it (lawful basis)

Under GDPR, we must have a lawful basis for processing your personal data. Our bases are:

• Performance of a contract — to deliver the booking you've paid us for, we need to know who, where, when, and what.
• Legitimate interest — to vet companion applicants (background checks, references), to administer our service, and to respond to your contact-form messages.
• Legal obligation — to maintain payment records, issue tax-year summaries to companions, retain records as required by Irish law.
• Consent — for any optional marketing emails (currently none) and for non-essential cookies (currently none).

4. Who we share your data with

Personal data is kept inside Here2Help, except in these specific situations:

• The assigned companion receives the patient's name, address, hospital, ward, discharge time, and any care notes you provide — only what they need to deliver the booking.
• Stripe processes our payments and holds your card information directly. Stripe is GDPR-compliant; their privacy policy applies to that data.
• Our hosting provider (cPanel webworld) stores this website and its server logs.
• Matomo analytics — self-hosted by us on mana.ie. Page-view data is processed there but never shared with third parties.
• Our accountant and tax advisors have access to anonymised financial records for tax filing purposes.
• The National Vetting Bureau receives data relevant to Garda vetting applications for companion candidates.
• Law enforcement or regulators only where we are legally required to disclose information.

We do not sell, rent, or share your personal data with third parties for marketing.

5. How long we keep your data

We hold personal data only as long as we need to.

• Booking details: 7 years from the date of the booking (Irish tax and Revenue Commissioners record-keeping requirements).
• Companion application data (rejected applicants): 12 months from the date of application, then deleted, unless you ask us to delete sooner.
• Companion records (active companions): for the duration of their work with us plus 7 years for tax records, then deleted.
• Contact-form messages: 24 months, then deleted unless we've been corresponding actively or a booking has resulted.
• Server logs: 30 days.

6. Your rights under GDPR

As a person whose data we hold, you have specific legal rights:

• Right of access — ask us what data we hold about you and get a copy
• Right of rectification — ask us to correct anything wrong or out of date
• Right of erasure ("right to be forgotten") — ask us to delete your data, where there's no overriding legal reason to keep it
• Right of restriction — ask us to limit how we use your data
• Right of data portability — get your data in a structured format you can take elsewhere
• Right to object — object to any processing we do based on legitimate interest
• Right to lodge a complaint with the Irish Data Protection Commission

To exercise any of these rights, email privacy@here2help.ie. We respond within one month.

7. Payment data

Card payments are processed by Stripe, not by Here2Help. We never see or store your full card number, expiry date, or security code. Stripe is PCI-DSS Level 1 compliant — the highest level — and is the same payment processor used by most major Irish e-commerce businesses.

8. Cookies and analytics

This website uses two types of cookies:

• Essential cookies — needed to make the booking and application forms function. These cannot be disabled.
• Matomo analytics cookies — we use a privately self-hosted instance of Matomo (at mana.ie) to understand how the site is used. Matomo is open-source, GDPR-friendly, and we do not share the data with any third party. We use it to see which pages are popular, where people enter the site from, and to identify problems.

We do not use Google Analytics, Facebook Pixel, advertising cookies, or any other third-party marketing trackers. If we ever add any, we will update this policy and put a cookie consent banner in place.

9. Data security

We protect personal data with industry-standard measures: HTTPS encryption on all pages and form submissions, secured email accounts, encrypted database storage at our hosting provider, restricted internal access on a need-to-know basis, and Garda-vetted personnel.

No system is completely secure, and we don't claim otherwise. If a personal-data breach affects you, we will notify you and the Data Protection Commission within 72 hours, as required by law.

10. Children

We do not knowingly collect data from anyone under the age of 16. If we discover we have, we delete it. If you believe a child's data has been submitted to us, contact privacy@here2help.ie.

11. Changes to this policy

We may update this privacy policy occasionally. The "Last updated" date at the top tells you the current version. Material changes will be notified by email to anyone with an active booking or active companion account.

12. Complaints to the regulator

If you believe we have mishandled your personal data and we haven't resolved it to your satisfaction, you can complain to:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28, Ireland
Phone: +353 (0)1 765 0100
Web: www.dataprotection.ie

This privacy policy was drafted by Here2Help and is intended to satisfy our obligations under the General Data Protection Regulation (EU) 2016/679 and the Irish Data Protection Acts 1988-2018. This policy is provided in good faith but does not constitute legal advice; if you have specific legal questions about your data, consult a solicitor.