Neola Privacy Policy
The short version
- We collect what we need to run a verified, insured caregiving platform, and no more.
- Your government ID is captured by our verification partner, Certn, through their secure flow. It never lands in Neola's storage. We hold your verification status, not your documents.
- Background check results are confidential. Goers never see a Neo's; Neos never see a Goer's. Each side sees one thing: verified, or not.
- Your child's information is collected only to facilitate care, only with your consent, and is never used for analytics, profiling, or marketing.
- You control your visibility. Privacy settings decide what the other side of a booking sees, and our systems enforce them.
- We never sell personal information, and we show no ads.
- Payment card details go to Stripe, never to us.
- You can access your information, correct it, and withdraw consent.
- Questions go to our Privacy Officer at privacy@oleta.ca.
1. Who we are
Neola is operated by Oleta Technologies Inc., a corporation incorporated under the laws of Canada, operating in British Columbia (“Neola,” “we,” “us”). We comply with the British Columbia Personal Information Protection Act (PIPA) and the federal Personal Information Protection and Electronic Documents Act (PIPEDA), as each applies. Our Privacy Officer is accountable for our compliance and is your contact for access requests, corrections, withdrawals, and complaints: privacy@oleta.ca.
2. The words we use
A Goer is a parent or legal guardian (or a person with their authority) who books care. A Neo is a verified caregiver. A Nene is a child receiving care. A booking is a care session arranged through the platform.
3. What we collect, and why
- Account information. Name, email, phone, and, during our UBC launch, your UBC email to confirm eligibility. For account creation, sign-in, communication, and eligibility.
- Profile information. Photo, bio, role, neighbourhood or city, and for Neos an hourly rate and any certifications you add. To let Goers and Neos find and assess one another, within your privacy settings.
- Verification information. Identity verification and background screening are performed by Certn through their secure flow. Your government ID and screening results are held by Certn under its privacy policy. We receive and store your verification status, the provider's reference identifier, and the type of check performed. We do not store images of identity documents.
- Safety identifier. We derive a non-reversible identifier (a cryptographic hash) from verification information, used only to enforce platform safety decisions, including preventing re-registration after a permanent removal. It cannot be reversed.
- Nene information. Name, age, and care-relevant details a Goer provides, such as allergies and routines. Collected only with the Goer's consent, used only to facilitate care.
- Booking information. Times, locations, house rules, household disclosures, and check-in confirmations.
- Payment information. Card details are collected and processed by Stripe and never rest in Neola's systems. We hold transaction records: amounts, fees, payouts, refunds.
- Messages. In-app messages between Goers and Neos. Content is not monitored in the ordinary course and may be accessed only through a logged investigation action tied to a safety incident, dispute, or legal obligation.
- Standing and event records. Booking outcomes, flags, reviews, and education events, append-only, forming the community standing system.
- Consent records. For each consent: an identifier, document version, a fingerprint of the text shown, the time, method, IP address, and device identifier.
- Technical information. Device and browser type, IP address, and service logs, for security, reliability, and fraud prevention.
4. What we never do
- We never sell personal information.
- We never display third-party advertising or share your information for advertising.
- We never use Nene information for analytics, profiling, model training, or marketing.
- We never store government identity documents in our systems.
- We never show one user's screening results to another. Verification is communicated as a status, nothing more.
5. Consent
Neola uses unbundled, affirmative consent: one consent, one purpose, each presented separately and recorded. You may withdraw a consent at any time by contacting the Privacy Officer; withdrawal applies going forward. Withdrawing a verification consent ends the eligibility it supports. If we make material changes to a document you consented to, we present it again before you continue using the affected features.
6. Your privacy settings
Every Goer holds privacy settings from day one: profile name display, location reveal timing, photo policy for your Nene, scope of personal information shared, communication channel timing, and visibility in social proof. Defaults are protective, and you can change them at any time. These settings are enforced by our systems, not by promises: what a Neo can see about a Goer is computed through a visibility layer with no path around it.
7. Verification, background checks, and the safety identifier
Both sides of every booking are verified before a first booking: Neos complete identity verification and an enhanced criminal record check; Goers complete identity verification. Checks are performed by Certn. Results are used only to assess eligibility, assessed only for relevance consistent with applicable human rights law, and treated as confidential. Where a result is anything other than clear, a human reviews it before any decision, and you have the right to be informed, to access the result through the provider, and to dispute its accuracy. Neos consent to annual re-verification. The safety identifier is retained independently of your account to prevent re-registration after a permanent removal for safety reasons.
8. Nene information
- Collected only from the Goer, with consent, only to facilitate care.
- Shown to a booked Neo only to the extent needed for the booking, subject to the Goer's privacy settings.
- Photo handling follows the Goer's photo policy; the default permits photos during a booking, automatically deleted after thirty days.
- Never used for analytics, profiling, or marketing.
- On account deletion, deleted or anonymized, except where a safety record requires limited retention (section 11).
9. How information is shared
With the other side of a booking, filtered through privacy settings. Addresses are revealed per the Goer's location setting: by default 24 hours before a booking, or on confirmation for bookings that begin sooner.
With service providers, each receiving only what its function requires under confidentiality and security obligations: Certn (verification, Canada); Stripe (payments, US and globally); Google Firebase (authentication, database, US and globally); Twilio (SMS and safety alerts, US); Netlify (website hosting).
For legal reasons, where required by law, including lawful demands by authorities, or where permitted in urgent circumstances involving risk to safety or life. We do not promise information will never be disclosed to authorities, because the law does not allow that promise.
Duty to report. Everyone in British Columbia, including our team and every Neo, has a legal duty to report a child who may need protection. Nothing here limits that duty.
Business changes. In a merger, acquisition, financing, or sale, personal information may be transferred under confidentiality, with notice where the law requires.
10. Where information lives
Some service providers store and process information outside Canada, including in the United States, where it is subject to local law, which may permit access by authorities. We choose providers with strong security practices, bind them contractually, and limit what each receives.
11. How long we keep information
We keep personal information only as long as necessary for the purposes identified and to meet legal, regulatory, insurance, and dispute-resolution obligations:
- Account and profile: life of account, then deleted or anonymized within 90 days.
- Verification status records: life of account plus 7 years.
- Safety identifier (hash): retained indefinitely for safety enforcement.
- Booking and transaction records: 7 years (financial record requirements).
- Messages: life of account plus 2 years; investigation copies per incident file.
- Consent records: 7 years after account closure.
- Nene information: deleted or anonymized on account deletion; photos per photo policy.
- Standing and safety events: life of participation; safety events may be retained in de-identified or hash-linked form after deletion.
12. How we protect information
Encryption in transit; access controls and role-based administrative access; an append-only audit log of administrative actions, including any access to message content; payment isolation through Stripe; document isolation through Certn's hosted capture; and the rule that user-to-user visibility passes through the privacy settings layer. No system is perfectly secure, and we do not claim ours is. We design so that the most sensitive information is the information we never hold.
13. Your rights
You may request access to the personal information we hold about you, request correction, withdraw consents, and make complaints, by contacting the Privacy Officer at privacy@oleta.ca. We respond within the time the law allows (PIPA: 30 business days, extendable in limited circumstances). If you are not satisfied, you may contact the Office of the Information and Privacy Commissioner for British Columbia or the Office of the Privacy Commissioner of Canada.
14. If something goes wrong
If a privacy breach creates a real risk of significant harm, we will notify affected individuals and the appropriate regulators as the law requires, and tell you what happened, what information was involved, and what we are doing about it.
15. Marketing communications
Marketing email is sent only with your separate, optional consent, which is never pre-checked and which you can withdraw with one click. Booking, safety, and account messages are sent regardless, because the platform cannot operate without them.
15a. Text messaging (SMS)
When you provide your mobile number and opt in through the Go Neola app at goneola.com, we use it to send you text messages about your account and your care: booking confirmations, visit start and completion notices, check-in reminders, and time-sensitive trust and safety alerts during a live visit.
- We do not sell or share your mobile number or your SMS opt-in consent with third parties or affiliates for their marketing purposes. Your mobile opt-in data is shared only with the service providers we use to deliver these messages (our SMS provider, Twilio), and only to send the messages you asked for.
- Message frequency varies based on your booking and visit activity.
- Message and data rates may apply.
- We use your number only to send the notifications described above and to reach you about a live visit. Reply STOP at any time to stop text messages. Safety-critical alerts during a live visit are not sent by text alone; we also reach you by phone call and in the app, and those channels are not affected by STOP. Reply HELP for help, or contact us at support@goneola.com.
16. Cookies and similar technologies
We use the minimum necessary cookies and local storage for sign-in sessions, security, and preferences. We do not use advertising cookies.
17. Changes to this policy
We post changes here with a new version number and effective date. Material changes trigger renewed consent before continued use of the affected features.
18. Contact
Privacy Officer, Oleta Technologies Inc. · privacy@oleta.ca