Privacy policy

Controller

Tunstall Healthcare UK Limited is the data controller for personal data processed through the ILOS Mobile app.

Your organisation remains responsible for deciding which staff are authorised to use ILOS and which operational permissions they receive.

What the app processes

Account details such as name, email address, phone number, organisation request, role and permissions.

Operational activity such as requests, assigned work, assignment status updates, responder availability, messages, notifications and audit records.

Foreground location while the app is open, where enabled for team visibility, assignment navigation, responder support and staff safety workflows.

Device and security data such as push notification tokens, session tokens, app version, device metadata, authentication events and diagnostic information.

Why it is used

To create, review and administer staff accounts.

To provide mobile access to operational work, updates, alerts and team visibility.

To protect ILOS accounts, investigate security events, maintain service reliability and meet contractual or legal obligations.

Sub-processors

Current sub-processors and platform providers used to operate the app and supporting web platform may include hosting, database, email, push notification, mapping, crash/diagnostic and app-store providers.

Operational providers currently expected for this service include Neon for managed database hosting, Resend for transactional email, Expo for app builds and push notification delivery, Apple and Google for app distribution and platform push notification services, and mapping/location providers used by the configured deployment.

This text is stored in the web and mobile repositories so the list can be updated when providers or deployment arrangements change.

Retention and sharing

Account, audit and operational records are retained for as long as needed to run ILOS, meet contractual requirements, support incident review and comply with applicable law.

Personal data is shared only with authorised administrators, support personnel, service providers and platform providers where needed to deliver and secure the service.

Account deletion requests

You can request deletion of your ILOS Mobile account and associated app data at /ilos-mobile/delete-account.

Some operational records may need to be retained where required for legal, contractual, safeguarding, audit, security or service-continuity reasons.

Your choices and rights

You can contact your organisation or Tunstall Healthcare UK Limited to ask about access, correction, deletion, restriction, objection and portability rights where applicable.

You can control device permissions such as location and notifications in your device settings, but some operational workflows may not work without them.

Security

The app uses authenticated API access, secure local token storage where available, optional biometric unlock and server-side role checks.

Do not share your password or temporary password. Administrators will never need your password to approve a registration request.