Privacy Policy

Clare Senior Care AFC | GAFC, Inc. (“Clare Senior Care”, “we”, “us”, “our”)
Effective date: September 24, 2025

Clare Senior Care is a Massachusetts-based provider supporting seniors, caregivers, and families. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our websites, portals, and forms, contact us, or otherwise use our services (collectively, the “Services”).

HIPAA & Medical Privacy
If you are enrolling in or receiving care from Clare, certain information may be Protected Health Information (PHI) governed by HIPAA and Massachusetts law. Our Notice of Privacy Practices (NPP)—provided during enrollment and available on request—describes how we use and disclose PHI. This website Privacy Policy does not replace the NPP.

1) Who we are & contact

Clare Senior Care AFC | GAFC, Inc.
Boston, Massachusetts, USA
Phone: (888) 479-8354
Email (privacy requests): clareteam@clare-afc.com
Postal: Attn: Privacy, Clare Senior Care, 100 Hancock Street, Quincy, MA 02171, USA

2) Scope (what this covers vs. what it doesn’t)

This Policy covers visitors, prospective clients/caregivers, and general website users.
Not covered here: PHI under HIPAA (see NPP) and HR data for employees/applicants (covered by our separate Employee/Applicant Privacy Notice).

3) Information we collect

A. You provide directly

  • Contact info (name, email, phone), messages, and form inputs (consultation requests, intake pre-screens, support tickets, job-interest forms).
  • Files you upload (e.g., IDs, documents) when you choose to send them to us through our portals.

B. Collected automatically (cookies, pixels, similar tech)

  • Device/browser type, IP address, general location (city/region), referring/exit pages, pages viewed, time on page, and cookie/analytics identifiers.

C. From third parties

  • Scheduling/communication tools you authorize (e.g., booking widgets, messaging platforms).
  • Referrals from community partners (only with consent or a lawful basis).

We do not intentionally collect sensitive personal information via public web forms. Clinical data shared for care is processed under HIPAA/NPP.

4) How we use information

  • Provide & improve Services: scheduling, intake coordination, customer support, user experience.
  • Communications: confirmations, reminders, important notices.
  • Analytics & performance: understand site usage and improve content.
  • Security & compliance: fraud prevention, legal obligations.
  • Marketing: only with consent where required; you may opt out.

5) Legal bases (EU/UK GDPR, where applicable)

  • Consent (e.g., analytics/marketing cookies).
  • Contract (to deliver what you requested).
  • Legitimate interests (site security; basic analytics and service improvement).
  • Legal obligation (record-keeping, compliance).

6) Cookies, analytics & your choices

Categories we use

  • Strictly Necessary (site operation, security).
  • Analytics (e.g., Google Analytics) to measure traffic and trends.
  • Marketing (only if we enable remarketing; off by default).

Your controls

  • Our cookie banner/manager lets you accept, reject, or manage non-essential cookies.
  • Browser settings can block or delete cookies.
  • GA opt-out: use browser controls or the Google Analytics opt-out add-on.

EU/UK: we obtain consent before setting non-essential cookies (analytics/marketing).
Global Privacy Control (GPC): we honor GPC signals as a request to disable non-essential cookies where legally required.

7) Disclosures to service providers

We share personal information with vendors that help us operate the Services under contracts restricting use to our instructions, for example:

  • Google (Analytics, Workspace/Voice, Maps, YouTube embeds)
  • Zoho (Books, WorkDrive, People, Mail, Cliq, Forms, Calendar)
  • GoHighLevel / LeadConnector (forms, portals, courses, messaging)
  • Secure fax/e-signature/hosting and IT security providers
  • Payment processors for private-pay services (if used)

We do not sell personal information. We also do not “share” personal information for cross-context behavioral advertising as defined by the CPRA. If this changes, we will update this Policy and provide required opt-outs.

8) Data retention

We retain personal information only as long as needed for the purposes above, to meet legal, regulatory, tax, accounting, or reporting requirements, or as permitted by law. Medical record retention follows applicable healthcare laws and our NPP.

9) Security

We use administrative, technical, and physical safeguards (encryption in transit, access controls, role-based permissions, staff training). No method is 100% secure; please use care when sharing information online.

10) Children’s privacy

Our public site is not directed to children under 13, and we do not knowingly collect personal information from them via the site. Clinical services for minors are handled under HIPAA/NPP with appropriate authorizations.

11) International transfers

We (and some vendors) process data in the United States and other countries. Where required, we use appropriate safeguards (e.g., EU/UK Standard Contractual Clauses).

12) Third-party links & embeds

Our site may link to third-party sites or include embeds (e.g., maps, videos). Those services are governed by their own privacy policies.

13) Your privacy rights

Massachusetts/United States (general)

  • Access, correction, deletion (subject to legal limits).
  • Marketing opt-out for emails/SMS (unsubscribe tools or contact us).

GPC & Do Not Track: We honor GPC for applicable jurisdictions. Industry DNT standards are not uniform; we instead provide cookie controls as described above.

14) “Notice at Collection” for California residents

Categories of personal information collected: identifiers (name, email, phone), internet/network activity (usage, device data), geolocation approximations (city/region from IP), professional information you choose to provide (e.g., role on forms).
Sources: you (forms, communications), your device/browser (cookies/analytics), and authorized partners.
Purposes: provide and improve Services; communications; analytics; security/compliance; marketing with consent.
Retention: for as long as necessary for the purposes above and as required/permitted by law.
Disclosures: to service providers listed in Section 7 under contracts; no sale or sharing for cross-context behavioral advertising.
Sensitive PI: we do not use public website forms to collect sensitive PI; any health information is handled under HIPAA/NPP.

15) Changes to this Policy

We may update this Policy from time to time. The “Effective date” above shows the latest revision. Significant changes will be posted on this page and, when appropriate, notified to you.

16) How to contact us

Questions, requests, or complaints about this Policy or our data practices:
Email: clareteam@clare-afc.com
Phone: (888) 479-8354
Postal: Attn: Privacy, Clare Senior Care, 100 Hancock Street, Quincy, MA 02171, USA

Legal & Privacy Notices

At Clare Senior Care AFC | GAFC, Inc., transparency and trust are central to how we serve seniors, caregivers, and families. We publish the following legal and compliance notices to explain your rights and our responsibilities:

These notices work together to protect your privacy, ensure compliance with federal and Massachusetts law, and help you understand how Clare Senior Care operates with fairness, equity, and respect.