Privacy Policy
Effective Date: 10 July 2026
1. Who We Are
Front Foot MI Ltd (trading as Fit to Care) is the Data Controller for personal data collected via this website and, in certain circumstances, a Data Processor on behalf of client organisations who use our digital platforms.
Front Foot MI Ltd has not appointed a formal Data Protection Officer under GDPR Article 37. Our designated Data Protection Contact for all privacy enquiries is:
Data Protection Contact: Anthony Lawton
Email: anthony.lawton@fittocare.co.uk
Registered Address: Park House, 2 Park View, Gatley, Stockport, Cheshire, SK8 4BL
Company Number: 05457319
2. The Data We Collect
We collect data in the following categories:
Website Visitors
Technical data (IP address, browser type, device information) via cookies; contact data (name, email) if you fill out our contact forms or use our website chat assistant; and the responses you provide if you use one of our website self-assessment tools. Enquiry and assessment data may be stored in Google Sheets and emailed to us (see Section 5.1). Our website chat assistant is AI-assisted (see Section 4); please do not enter other people's personal data or special-category data into it.
Service Users, Insight Genie
If your organisation invites you to use Insight Genie, we process your anonymous survey responses. Insight Genie does not require registration and does not collect names or identifying information. If voice capture is used, audio is transcribed and the recording deleted, audio is not retained.
Service Users, Dynamic Genie
If your organisation includes you as a named participant in a Dynamic Genie workshop, we process your name, job title, organisational role, strategic contributions during the session, review and sign-off records, and cognitive contribution profile (where a 6Q Leadership assessment has been completed).
Service Users, Meeting Genie Board
If your organisation uses Meeting Genie Board, we process your name, role, attendance records, declarations of interest, contributions during board proceedings, and AI-generated summaries that reference your contributions. This data constitutes governance records.
Service Users, Return on Heartbeats®
If your organisation uses Return on Heartbeats®, we process your anonymous descriptions of operational experiences. If voice capture is used, audio is transcribed and the recording deleted , audio is not retained. Responses are aggregated and not attributed to individuals.
Service Users, National Heartbeats
National Heartbeats is a free, public-facing platform for citizens to share their experiences of UK public services. For National Heartbeats, Front Foot MI Ltd is the data controller (not a data processor for another organisation).
We collect: email address, outward postcode (e.g. “SK1”), age bracket, ethnicity group, and sex (the last three only if you choose to verify, and all self-declared, not inferred by AI). We do not collect your name, full address, or date of birth. If voice capture is used, audio is transcribed and immediately discarded, we never store audio. Selfie verification runs entirely in your browser; the image never leaves your device.
Full details, including our dual-layer privacy architecture, children's data handling, and data sharing arrangements, are set out in Schedule E of our Platform Terms.
Service Users, Network Genie
If your organisation invites you to take part in Network Genie, we process the information needed to map the informal networks in your organisation. This includes your name, your work email address (used only to send your personal invitation), your job title, role, grade and team or department, the colleagues you nominate across the Help, Trust and Energy relationship layers, the strength you assign to those relationships, and any optional free-text notes you add. Identifying details in free-text notes are automatically stripped at the point of entry.
Your name is not shown in the network map unless you actively choose to be identified by ticking the optional consent. People who do not opt in appear by role only. Small teams are protected: where a group is too small to report safely, results are aggregated and individuals are suppressed. The Network Genie coach uses AI to guide the nomination conversation; a deterministic graph engine, not AI, produces the network metrics. Your organisation is the data controller and Fit to Care is the data processor.
Service Users, Predict Genie
If your organisation includes you in a Predict Genie engagement, we may process your name, job title and organisational role, and the professional views and contributions you provide during option-appraisal or calibration discussions. Much of what Predict Genie processes is not personal data at all: it is the options, criteria, constraints and scoring that describe a decision. Where leadership or steering-group contributions are captured, this is professional and managerial data, not clinical or special-category data.
AI tools assist in synthesising contributions and scoring how adoptable each option is. AI does not make autonomous decisions about you; the engine produces a Direction of Travel report for your organisation to act on. Your organisation is the data controller and Fit to Care is the data processor.
Service Users, Assurance Genie
If your organisation uses Assurance Genie, we process the documents you submit for structural audit (for example a strategy, business case or board paper) and, where relevant, the public web address you ask us to review. These documents may incidentally contain personal data, such as the names of authors or named officers. We process that material solely to run the structural checks you have asked for. The core checks are deterministic and, for documents, run without sending the document to an AI model. Your organisation is the data controller and Fit to Care is the data processor. You should not submit patient data, special-category data, or personal data beyond what is necessary for the audit.
Consultancy Clients
If your organisation engages us for direct consultancy, we process contact data (name, email, phone number, job title) and engagement data necessary to deliver the agreed services.
3. How We Use Your Data
We process your data under the following lawful bases (UK GDPR):
Contractual Necessity
To deliver Insight Genie reports, Dynamic Genie workshops, Meeting Genie Board services, Return on Heartbeats analysis, Network Genie network maps, Predict Genie decision reports, and Assurance Genie audits, and consultancy services agreed with your organisation.
Legitimate Interests
To analyse trends in healthcare and organisational leadership (anonymised where possible), to improve our services, and to maintain platform security.
Consent
For sending newsletters or marketing material (only if you have opted in). You may withdraw marketing consent at any time by contacting us. For individual participants in Insight Genie and Return on Heartbeats® who are not parties to the service agreement, processing of your contributions is based on your explicit consent (given via the in-app consent screen) and your organisation's legitimate interests in service improvement. For National Heartbeats, where we are the data controller, processing is based on your explicit consent given during registration or before recording.
4. AI Processing Disclosure
All Fit to Care platforms use artificial intelligence tools to assist with analysis, synthesis, and reporting. We use commercially available AI services (including but not limited to OpenAI, Anthropic, and Google AI) as sub-processors.
AI is used as a support tool, it does not make autonomous decisions about individuals. Where AI-generated outputs are used in governance contexts (Meeting Genie Board), they are reviewed and approved by a designated human officer before being recorded as formal records.
We have opted out of AI providers using our data to train their models where such opt-out mechanisms are available. Data shared with AI sub-processors is subject to our Data Processing Agreements and applicable security controls.
5. Data Sharing and Security
5.1 Third Parties
We do not sell your data. We may share data with trusted sub-processors who assist in running our platforms, including secure cloud hosting providers (Google Cloud Platform, Firebase, and Bubble.io for the Insight Genie survey platform), AI service providers, transactional email delivery (Postmark), spreadsheet-based storage for website enquiries and assessments (Google Sheets), and our hosting and development partners. All sub-processors are contractually bound to equivalent data protection standards. A current list of our sub-processors is available on request by emailing anthony.lawton@fittocare.co.uk.
5.2 Security
We hold Cyber Essentials certification (certificate reference b19fd022-750f-4b48-b9be-58a0ffdad0d4, verifiable at registry.blockmarktech.com), and operate in accordance with Data Security and Protection Toolkit (DSPT) requirements applicable to NHS suppliers. We employ enterprise-grade encryption in transit and at rest, and role-based access controls. Our cloud infrastructure operates in UK data centres (europe-west2, London) where available. The exceptions are the Insight Genie survey platform, which runs on Bubble.io (hosted in the United States) and is designed to hold no personal data, and AI processing by Anthropic, which takes place in the United States under contractual safeguards (no model training, time-limited deletion, and a Data Processing Agreement).
6. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which we collected it:
- Insight Genie: Individual response data is deleted on engagement completion, and in any event within 12 months. Anonymised aggregated data may be retained for benchmarking.
- Dynamic Genie: Session data is retained for up to 12 months after the engagement concludes, then securely deleted.
- Meeting Genie Board: Governance records are retained in accordance with your organisation's retention policy and applicable statutory obligations (typically a minimum of 6 years for NHS board records). Deleted upon written instruction from your organisation.
- Return on Heartbeats®: Individual response data is retained for the duration of the improvement programme and up to 12 months thereafter. Anonymised aggregated data may be retained for longer.
- Network Genie: Individual response data is deleted within one month of the engagement completing, or sooner on the client's written instruction. Anonymised, aggregated data may be retained for benchmarking.
- Predict Genie: Engagement data is retained for the duration of the engagement and for up to 12 months thereafter, then securely deleted. Anonymised, aggregated data may be retained for service improvement.
- Assurance Genie: Submitted documents and audit outputs are retained only for as long as needed to deliver and explain the audit, then securely deleted or removed on written instruction.
- National Heartbeats: Registration data is retained until you delete your account (then removed within 72 hours). Anonymised intelligence data is retained for 7 years. Aggregate analytics follow a 2-year rolling window. See Schedule E for full details.
- Website and marketing data: Contact form data is retained for up to 24 months. Marketing consent records are retained for as long as the consent remains active.
7. Your Legal Rights
Under the UK GDPR, you have the right to:
- Request access to your personal data
- Request correction of inaccurate data
- Request erasure (“right to be forgotten”) in certain circumstances
- Object to processing where we rely on legitimate interests
- Withdraw consent at any time (where processing is based on consent), to withdraw, email anthony.lawton@fittocare.co.uk and withdrawal takes effect within 5 working days
- Data portability (to receive your data in a structured, machine-readable format)
- Object to automated decision-making and profiling that has legal or similarly significant effects on you, and request human review of any such decision
How to exercise your rights: Where your organisation is the data controller (Insight Genie, Dynamic Genie, Meeting Genie Board, Return on Heartbeats®, Network Genie, Predict Genie, Assurance Genie), please contact your organisation's Data Protection Officer in the first instance. For National Heartbeats (where we are the data controller), contact us directly. You may also contact us at anthony.lawton@fittocare.co.uk.
You have the right to make a complaint to the Information Commissioner's Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.
Complaints to us. If you are unhappy with how we have handled your personal data, you can complain to us directly by emailing anthony.lawton@fittocare.co.uk. We will acknowledge your complaint within 5 working days and give you a full response within 30 days. You can also complain to the Information Commissioner's Office (ICO) at www.ico.org.uk or on 0303 123 1113, though we would welcome the chance to resolve your concern first.
8. Cookies
We use essential cookies to make our site work. With your consent, we also use analytics and functionality cookies. When you first visit, our cookie banner lets you accept or reject these, and you can change your choice at any time using the Cookie settings link in the footer. For more information, see our Cookie Policy.
9. Changes to This Policy
We may update this Privacy Policy from time to time. The “Effective Date” at the top of this page will be revised to reflect changes. We encourage you to review this page periodically.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Front Foot MI Ltd trading as Fit to Care
Data Protection Contact: Anthony Lawton
Email: anthony.lawton@fittocare.co.uk
Phone: +44 (0)7921 786777
Registered Office: Park House, 2 Park View, Gatley, Stockport, Cheshire, SK8 4BL
Company Number: 05457319
ICO Registration: Z3134310