Document status: PUBLIC

Release: 2025.1

Last updated: December 17, 2025

This Cloud Service Specification describes the scope, delivery model, availability, security, and data protection principles of the Empathika Cloud Platform. This document is intended for customers, procurement teams, and regulatory stakeholders.

1. About This Document

This document describes the characteristics of the Empathika Cloud Service. It provides an overview of how the service is delivered, secured, and operated.

This document does not describe pricing, commercial terms, or contractual commitments. Service levels and data protection obligations are defined separately in the Service Level Agreement (SLA) and Data Processing Agreement (DPA).

2. Cloud Service Overview

Empathika is a cloud-hosted software-as-a-service (SaaS) platform designed specifically for residential care environments. The service is accessed via modern web browsers and does not require local installation.

Empathika supports care providers with medication management, care documentation, compliance workflows, and secure collaboration with authorised healthcare partners.

3. Service Delivery and Architecture

3.1 Service Model

Empathika is delivered as a multi-tenant cloud service. Each customer environment is logically isolated to ensure confidentiality and data separation.

3.2 Updates and Maintenance

The Empathika Cloud Service is continuously maintained and improved. Updates may include feature enhancements, security patches, and performance improvements. Updates are deployed centrally and do not require customer action.

4. Service Availability

Empathika is designed for high availability and resilience. Availability targets, maintenance windows, and incident response commitments are defined in the Service Level Agreement (SLA).

Planned maintenance is scheduled to minimise disruption to care operations wherever possible.

5. Security, Privacy and Data Protection

5.1 Data Protection Roles

Customers act as Data Controllers. Empathika (CareApps Limited) acts as a Data Processor and processes personal data only on documented customer instructions.

5.2 Security Measures

The Empathika Cloud Service implements technical and organisational measures to protect data, including role-based access control, encryption, audit logging, monitoring, and confidentiality obligations for all personnel.

5.3 Data Location

Personal data is hosted in approved cloud environments within the United Kingdom, unless otherwise agreed in writing.

6. Backup and Disaster Recovery

Data is backed up on a regular basis in accordance with defined backup schedules. Disaster recovery processes are in place to restore service availability and data access following incidents.

7. Sub-processors

Empathika may engage carefully selected sub-processors to support service delivery, such as cloud infrastructure providers. Equivalent data protection and security obligations are contractually imposed on all sub-processors.

8. Browser and Device Support

The Empathika Cloud Service supports modern web browsers including Google Chrome, Microsoft Edge, Mozilla Firefox, and Safari (latest versions). Internet Explorer is not supported.

9. Limitations and Dependencies

Service performance may depend on internet connectivity, device capabilities, and customer configuration. Certain integrations or modules may require additional configuration or agreements.

10. . Important Notices

This document may be updated from time to time as the service evolves. Nothing in this document constitutes a warranty or contractual commitment.

© Empathika – CareApps Limited. All rights reserved.