Triage Trainer Logo Triage Trainer Back to Home

Triage Trainer – Data Privacy Notice

Last updated: 9 Feb 2026

Data controller: People Care Tech Ltd (Company No. 16574616)

1. Introduction

This privacy notice explains how we collect, use, store and protect your personal data when you use Triage Trainer. We process your data in line with UK GDPR and the Data Protection Act 2018.

2. Data we collect

2.1 Account and profile data

  • Email address – used to sign in.
  • Name / display name – shown to facilitators and other users in your organisation.
  • Professional role – e.g. GP registrar, practice nurse, used for reporting and facilitation.

2.2 Training data

  • Triage decisions – your choices, timestamps, notes and justifications for scenarios.
  • Performance and progress – linked to your user ID for reports and facilitator feedback.

2.3 Organisation data

  • Organisation details – practice name, ODS code, type (e.g. practice, training programme).
  • Membership – which organisations you belong to and your role (e.g. triager, admin).

2.4 Session and device data

  • Active sessions – user ID, session ID, device fingerprint, browser user agent, and activity timestamps (to prevent misuse and enforce session limits).
  • Local storage – auth context, UI preferences, draft notes, and temporary access tokens (stored in your browser only).

2.5 Enquiries and support

  • Enquiries – if you submit an enquiry or beta request, we collect name, email, organisation and message content.
  • Help requests – if you submit support or feedback via the app.

3. How we use your data

Purpose Legal basis
Providing Triage Trainer and managing your account Contract
Storing and displaying your triage decisions for training and feedback Contract
Generating reports for facilitators and organisations Legitimate interest
Managing subscriptions and billing Contract
Session tracking and preventing misuse (e.g. credential sharing) Legitimate interest
Responding to enquiries and support requests Legitimate interest
Improving the service and resolving issues Legitimate interest

4. Who we share data with

  • Firebase (Google) – authentication, database, hosting.
  • Stripe – subscription and payment processing (payment details are held by Stripe, not us).
  • Your organisation’s facilitators and admins – access to your training data and reports within the organisation.

We do not sell your personal data.

5. Data retention

  • Account and profile data – for the lifetime of your account, plus a short period after deletion.
  • Triage decisions – for as long as your organisation requires training records (typically the duration of your membership).
  • Session data – inactive sessions are removed after about 7 days.
  • Enquiries – retained for as long as needed to process and respond.

6. Your rights

Under UK data protection law you have the right to:

  • Access – request a copy of your personal data.
  • Rectification – have inaccurate data corrected.
  • Erasure – request deletion of your data in certain circumstances.
  • Restriction – limit how we process your data in certain situations.
  • Object – object to processing based on legitimate interests.
  • Data portability – receive your data in a commonly used, machine-readable format.

To exercise these rights, contact us at support@triagetrainer.co.uk. You also have the right to complain to the Information Commissioner’s Office (ICO): ico.org.uk.

7. Security

We use industry-standard technical and organisational measures to protect your data, including:

  • Encrypted connections (HTTPS).
  • Access controls and authentication.
  • Firebase security rules to limit who can read and write data.

8. Cookies and local storage

We use local storage and session storage in your browser for:

  • Keeping you signed in and remembering your preferences.
  • Storing temporary access tokens and draft content.

We do not use advertising or tracking cookies. See your browser’s help for how to manage local storage.

9. Data hosting locations

We host our core application data on Google Cloud (Firebase). Our Firestore database is in the Europe multi-region (eur3), which stores data in Belgium and the Netherlands with a witness region in Finland. Our Cloud Functions run in the London region (europe-west2).

10. International transfers

Some of our service providers may process data outside the UK (for example, Firebase/Google or Stripe). We rely on appropriate safeguards, such as adequacy decisions or standard contractual clauses.

11. Changes to this notice

We may update this privacy notice from time to time. The “Last updated” date at the top will change when we do. Continued use of Triage Trainer after changes means you accept the updated notice.

12. Contact

For questions about this notice or your personal data:

People Care Tech Ltd
Company Number: 16574616
Email: support@triagetrainer.co.uk