Privacy Policy
Effective date: April 2026 · Version 2.0
Plain English Summary
We store your data in the UK. We never sell it. Your child's profile belongs to you. Schools and councils only see what you allow. Our AI processes your documents but never shares them. You can delete everything at any time.
1. Data Controller & Contact
Trisende is the trading name for the platform operating at trisende.co.uk. We are the data controller for personal information processed through the platform.
Data Protection Officer: dpo@trisende.co.uk
General enquiries: support@sencare.tech
Postal: Trisende, United Kingdom
ICO Registration: Pending (reference will be published here upon confirmation)
We are registered under the UK Data Protection Act 2018 and comply with the UK General Data Protection Regulation (UK GDPR).
2. Data We Collect
2.1 Account Data
Name, email address, hashed password, selected role(s), organisation name, phone number (optional). For institutional accounts: job title, department, .gov.uk/.sch.uk email domain for auto-verification.
2.2 Child Profile Data (UK OFFICIAL-SENSITIVE)
Name, date of birth, NHS patient number (optional), primary diagnosis, communication level, mobility level, EHCP/ISP status, ISP readiness score, school name, year group, relationship to registering adult. This data is classified as UK OFFICIAL-SENSITIVE and receives the highest level of protection on the platform.
2.3 Statutory Documents
Education, Health and Care Plans (EHCPs), Individual Support Plans (ISPs), therapy reports, school assessments, DLA/PIP applications, tribunal documents, and any other files uploaded for AI processing or storage.
2.4 Biometric & Verification Data
For carers and specialists: identity document images, live selfie photographs (for facial comparison), Enhanced DBS certificate references. These are processed as part of our Triple-Gate Verification system (Patent Application 5) and are stored encrypted with restricted access.
2.5 Video & Livestream Data
Live video streams transmitted through the platform are processed by our Adaptive Privacy Shield (APS, Patent Application 2), which uses machine learning to detect and mask vulnerable individuals in real time. Video frame data is processed in-memory with sub-200ms latency and is not stored unless explicitly recorded by the session initiator. APS processing constitutes automated biometric processing under UK GDPR Article 9; our lawful basis is explicit consent obtained before any livestream session begins.
2.6 S.A.F.E. Alert Data
Our Secure Alert For Emergency system (Patent Application 3) processes: alert priority level, recipient device tokens, delivery timestamps, acknowledgement responses, and associated communication session data. Critical-priority alerts may override device silent/do-not-disturb modes — users consent to this capability upon account creation.
2.7 Behavioural & Health Data
The Behaviour Tracker processes: incident descriptions, antecedent-behaviour-consequence (ABC) analysis, intensity ratings, trigger patterns, sensory environment data, medication timing, sleep quality, and AI-generated pattern insights. This constitutes special category health data under UK GDPR Article 9 — our lawful basis is explicit consent from the SSOT guardian.
2.8 Location Data
Approximate location (neighbourhood-level) for: carer proximity searches (with 500m coordinate obfuscation per Patent Application 5), Relief Network request matching, directory listings, and event discovery. We never store or transmit exact GPS coordinates for individuals. The Emergency Pulse Map applies fuzzy geolocation to protect specialist privacy.
2.9 Financial & Token Data
Token purchase history, wallet balances (paid and promotional), livestream gift transactions, care booking payments, withdrawal requests, and commission tracking. Card numbers are never stored on our servers — payments are processed by Stripe (PCI-DSS Level 1) and PayPal.
2.10 Community & Communication Data
Community posts, comments, reactions, peer matching profiles, Relief Network requests/offers, in-app messages, AI assistant conversation history, and feedback ratings.
2.11 Platform Usage Data
Pages visited, features used, session duration, device type, browser, operating system. We do not use third-party analytics trackers, advertising pixels, or fingerprinting technologies.
3. Lawful Basis for Processing
| Data | Lawful Basis |
|---|---|
| Account management | Contract (Art. 6(1)(b)) |
| EHCP/ISP AI processing | Contract + Explicit Consent (Art. 9(2)(a)) |
| Child profile data | Explicit Consent of SSOT Guardian (Art. 9(2)(a)) |
| Biometric verification | Explicit Consent (Art. 9(2)(a)) |
| APS video masking | Explicit Consent (Art. 9(2)(a)) |
| Behaviour tracker | Explicit Consent (Art. 9(2)(a)) |
| S.A.F.E. alerts | Vital Interests (Art. 6(1)(d)) + Consent |
| Payment processing | Contract (Art. 6(1)(b)) |
| Community features | Consent (Art. 6(1)(a)) |
| Platform security | Legitimate Interest (Art. 6(1)(f)) |
| Statutory compliance | Legal Obligation (Art. 6(1)(c)) |
| Anonymised analytics | Legitimate Interest (Art. 6(1)(f)) |
4. SSOT Handshake & Data Sharing Between Roles
4.1 The Handshake System (Patent Application 1, Claim 1)
When a school or local authority uploads a document containing a child's details, our AI extracts identity markers (name, date of birth) and performs a fuzzy-match against existing child profiles. If a match is found, a cryptographic handshake is proposed to the SSOT guardian (parent). The link is only established when the parent explicitly accepts. Parents can reject, revoke, or modify handshakes at any time.
4.2 Permission Matrix (Row-Level Security)
Data visibility is enforced at the database level through Row-Level Security policies — not application-level checks that can be bypassed:
- Parent (SSOT Guardian): Full read/write/delete access to their children's profiles, documents, and linked data. Full sovereignty.
- Carer: Read access to assigned children's care plans only. Delegated by parent with scoped permissions. Revocable.
- School: Edit access limited to provision delivery fields for children in their tenant. Cannot modify needs, outcomes, or personal details.
- Local Authority: Read access to children in their tenant for statutory compliance, financial oversight, and provision gap analysis.
- Central Government: Read-only access to anonymised, aggregated data. No access to identifiable child records. Anonymisation applied at the application layer before data reaches government dashboards.
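As an added illustration (not Trisende's own schema or policies) of how a matrix like the one above is expressed as Postgres Row-Level Security on Supabase: table, column and JWT claim names are assumptions, and the trigger shows why RLS alone cannot limit a school to provision fields (RLS filters rows, not columns).

```sql
-- Added illustration of the Section 4.2 matrix as Postgres/Supabase Row-Level
-- Security. Table, column and JWT claim names are assumptions, not Trisende's schema.
create table child_profiles (
  id uuid primary key default gen_random_uuid(),
  guardian_id uuid not null,          -- SSOT guardian (auth.users.id)
  tenant_id uuid not null,            -- school / local authority tenant
  name text not null,
  needs text,                         -- schools must not edit this
  provision_delivery text             -- the only field schools may edit
);
create table carer_assignments (
  child_id uuid references child_profiles(id) on delete cascade,
  carer_id uuid not null,
  revoked_at timestamptz,             -- set when the parent revokes the delegation
  primary key (child_id, carer_id)
);
-- Assumed JWT claims set by the platform at login: app_role and tenant_id.
create function app_role() returns text language sql stable
  as $$ select coalesce(auth.jwt() ->> 'app_role', '') $$;
create function app_tenant() returns uuid language sql stable
  as $$ select nullif(auth.jwt() ->> 'tenant_id', '')::uuid $$;
alter table child_profiles enable row level security;
alter table child_profiles force row level security;   -- binds the table owner too
-- Parent: full read/write/delete over their own children only.
create policy guardian_all on child_profiles for all to authenticated
  using (guardian_id = auth.uid()) with check (guardian_id = auth.uid());
-- Carer: read-only, and only while the assignment has not been revoked.
create policy carer_read on child_profiles for select to authenticated
  using (app_role() = 'carer' and exists (
    select 1 from carer_assignments a
    where a.child_id = child_profiles.id
      and a.carer_id = auth.uid() and a.revoked_at is null));
-- School and LA: read within their own tenant; school may also update.
create policy tenant_read on child_profiles for select to authenticated
  using (app_role() in ('school', 'local_authority') and tenant_id = app_tenant());
create policy school_update on child_profiles for update to authenticated
  using (app_role() = 'school' and tenant_id = app_tenant())
  with check (app_role() = 'school' and tenant_id = app_tenant());
-- RLS filters rows, not columns: a trigger pins schools to provision fields.
create function guard_school_columns() returns trigger language plpgsql as $$
begin
  if app_role() = 'school' and (new.name, new.needs, new.guardian_id, new.tenant_id)
     is distinct from (old.name, old.needs, old.guardian_id, old.tenant_id) then
    raise exception 'schools may only edit provision delivery fields';
  end if;
  return new;
end $$;
create trigger school_columns before update on child_profiles
  for each row execute function guard_school_columns();
```

Central Government has no policy here at all: with `force row level security` and no matching policy, identifiable rows are simply not returned, which matches the aggregated-only access described above.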
4.3 Polymorphic Identity System (Patent Application 1, Claim 2)
Users with multiple roles (e.g., a council worker who is also a SEND parent) access the same platform through different interface views. The system dynamically serves role-appropriate data while maintaining a single authentication token. You see only what your active role permits.
5. AI & Automated Decision-Making
5.1 EHCP → ISP Transformation (Patent Applications 1, 4, 6)
Our AI uses OCR and NLP to extract structured data from uploaded documents, map it to the 2026 ISP framework, and generate readiness scores. All AI outputs are presented for human review — no statutory decisions are made automatically. You have the right to request human review of any AI-generated output.
5.2 ISP Readiness Scoring
Documents receive a 0-100 readiness score based on completeness, specificity, evidence strength, and consistency. This is an advisory score, not a decision. It does not affect your legal rights or access to services.
5.3 Consistency & Risk Engine (Patent Application 6, Claim 2)
Our AI cross-references multiple documents for the same child to detect contradictions (e.g., a need identified in a therapy report with no matching provision in the EHCP). Risk alerts are informational only.
5.4 Smart Matching Algorithms
Peer matching, carer matching, and Relief Network matching use algorithms based on: conditions, location proximity, stated preferences, and availability. You can always override algorithmic suggestions. Matching is not profiling under UK GDPR Article 22.
5.5 Performance Scoring
Schools and local authorities receive performance scores based on: deadline compliance, provision delivery, document accuracy, dispute resolution, and engagement. Scores are visible to the organisation itself and relevant oversight tiers. Scoring methodology is transparent and documented.
6. Third-Party Data Processors
| Processor | Purpose | Data Location |
|---|---|---|
| Supabase | Database hosting, authentication | EU (eu-west-2 London) |
| Vercel | Application hosting, CDN | EU (London edge) |
| Stripe | Payment processing | EU/US (PCI-DSS Level 1) |
| PayPal | Alternative payment processing | EU/US |
| Google | OAuth authentication only | EU/US |
| Google Gemini | AI document processing | EU |
For Stripe, PayPal, and Google, international data transfers are covered by UK adequacy decisions and/or Standard Contractual Clauses. We do not transfer identifiable child data outside the UK.
6.1 Google User Data Disclosure
When you sign in with Google, we receive your email address, display name, and profile picture from your Google account. We use this data solely for authentication and account creation. We do not:
- Sell or rent your Google user data to third parties
- Use your Google data for advertising or marketing purposes
- Transfer your Google data to third parties except as necessary to provide the service (Supabase for authentication storage)
- Use your Google data for purposes unrelated to the core Trisende platform functionality
Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.
7. Data Residency & Security
All primary data storage is in UK data centres (AWS eu-west-2, London). We implement:
- 256-bit AES encryption at rest
- TLS 1.3 encryption in transit
- Row-Level Security enforced at database level (not application level)
- Complete audit trail of all data access and modifications
- Role-based access control with principle of least privilege
- Regular penetration testing
- Alignment with ISO 27001 and Cyber Essentials Plus
- DfE data standards compliance
8. Data Retention
| Data | Retention |
|---|---|
| Account data | Active account + 90 days after closure |
| Child profiles | Until deleted by SSOT guardian or 90 days after account closure |
| Uploaded documents | Until deleted by uploader or 90 days after account closure |
| AI processing data | Extracted data retained with document. Raw processing logs deleted after 30 days |
| Biometric verification | Selfie images deleted after verification. DBS references retained while account active |
| Livestream video | Not stored unless recorded. Recordings retained until deleted by initiator |
| Behaviour tracker | Until deleted by SSOT guardian |
| Financial records | 7 years (UK tax/accounting obligations) |
| Audit logs | 7 years (statutory compliance) |
| Promotional tokens | Per token expiry date, or account closure |
9. Cookies & Tracking
We use only strictly necessary cookies:
- sb-access-token / sb-refresh-token: Supabase authentication session (essential, httpOnly)
- __vercel_live_token: Deployment preview (development only)
We do not use: advertising cookies, third-party analytics (no Google Analytics), social media trackers, fingerprinting, or any form of cross-site tracking. No cookie consent banner is required under UK PECR as we use only strictly necessary cookies.
10. Your Rights Under UK GDPR
- Right of Access (Art. 15): Request a copy of all personal data we hold. We respond within 30 days.
- Right to Rectification (Art. 16): Correct inaccurate data via your account or by contacting us.
- Right to Erasure (Art. 17): Delete your account and all associated data. Child profiles are deleted immediately. Audit logs retained per legal obligation.
- Right to Restrict Processing (Art. 18): Request we stop processing specific data while a dispute is resolved.
- Right to Data Portability (Art. 20): Export all your data in machine-readable JSON format.
- Right to Object (Art. 21): Object to processing based on legitimate interest. We will stop unless we demonstrate compelling grounds.
- Rights Related to Automated Decision-Making (Art. 22): Request human review of any AI-generated output. No legally binding decisions are made by AI alone.
- Right to Withdraw Consent: Withdraw consent at any time via Settings or by contacting us. Withdrawal does not affect prior lawful processing.
To exercise any right: dpo@trisende.co.uk
11. Children's Data
Our platform processes data about children with special educational needs and disabilities. This data receives the highest level of protection available on the platform.
- Only the SSOT guardian (parent/legal guardian) can create, edit, or delete a child's profile
- Children under 13 do not create accounts — all child data is managed by their guardian
- Children aged 13-17 may have limited platform access with guardian approval (future feature)
- Child data is never used for marketing, profiling, or commercial purposes
- AI processing of child documents is performed with guardian consent and presented for guardian review
- Schools and LAs access child data only within the permission matrix (Section 4.2) and only for statutory purposes
12. Data Breach Procedure
In the event of a personal data breach:
- We will assess the breach within 24 hours of detection
- If the breach poses a risk to individuals, we will notify the ICO within 72 hours (Art. 33)
- If the breach poses a high risk to individuals, we will notify affected users without undue delay (Art. 34)
- Notification will include: nature of the breach, categories of data affected, likely consequences, and measures taken
- All breaches are logged in our incident register regardless of severity
13. Schools & Local Authorities (B2B Data Processing)
When schools or local authorities use Trisende as a service:
- The school/LA acts as data controller for their students' data
- Trisende acts as data processor under a Data Processing Agreement (DPA)
- DPAs are available on request and included in all institutional tier subscriptions
- We process data only on documented instructions from the controller
- Sub-processors are listed in Section 6 and changes are communicated 30 days in advance
- Data is returned or deleted upon contract termination per the DPA terms
14. Changes to This Policy
We may update this policy to reflect changes in our processing, legal requirements, or platform features. For significant changes: we will email all registered users 30 days before the change takes effect; display a prominent in-platform notification; and publish a changelog of material amendments.
Continued use of the platform after changes take effect constitutes acceptance. If you disagree with changes, you may close your account and export your data before the effective date.
15. Complaints & Supervisory Authority
If you are unsatisfied with our handling of your data:
- Contact our DPO: dpo@trisende.co.uk
- We will investigate and respond within 30 days
- If unresolved, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: ico.org.uk