SocialQA privacy, use policy and disclaimer

Status of this policy

Version: 0.2.0. Published: 20 June 2026. Last updated: 20 June 2026. Sources reviewed: 20 June 2026.

This policy is written for SocialQA at https://jahosi.co.uk/socialQA/. It will be updated over time as the page, source list, regulations, guidance, hosting arrangements or AI services change.

This page is not legal advice. It is a practical public statement of how the SocialQA page is intended to work and the limits that users must understand before using it.

Plain-English summary

SocialQA is an experimental AI-assisted information page. It is not a professional adviser.
Use it only as a guide to help you ask better questions and find official sources.
Do not make care, funding, legal, financial, medical, safeguarding, provider-selection or complaint decisions solely because of a SocialQA answer.
No consequence, loss, delay, dispute, cost, missed deadline, care decision or financial outcome can be attributed to Jahosi or SocialQA where a user chooses to rely on the page without independent checking.
Always check the original source, local authority, NHS integrated care board, care provider, regulator, ombudsman, qualified adviser or professional representative before acting.
Do not enter sensitive personal, medical, financial or identification details into the chat.
SocialQA is programmed to refuse requests that would require regulated financial advice, provider recommendations, care assessments, NHS/local authority decisions, eligibility predictions or decisions that could directly determine care or finances.

What SocialQA is

SocialQA is a plain-English Q&A page for adult social care funding and related care-navigation questions in England. It is designed to help families, carers and individuals understand common routes such as local authority assessments, financial assessments, care home fees, NHS Continuing Healthcare, NHS-funded nursing care, CQC checks, complaints and local signposting.

Design philosophy

The design is intentionally restrained. SocialQA is built around source discipline, plain-language explanation and practical signposting. It should help users understand what to ask next, not tell them what decision to make.

Functional overview

The chat sends the user's question and recent temporary browser-session chat history to the SocialQA server.
The server passes the question to a configured AI service with instructions to use only the validated SocialQA source list.
The page includes starter prompts, common questions, question packs, local signposting by postcode, high-contrast and large-font display controls, and browser-side PDF export.
The local-resource lookup sends the postcode to the SocialQA server, which queries the GOV.UK local authority API and returns signposting links.
Cloudflare Turnstile may be used to reduce automated abuse before chat is enabled.

Use policy and disclaimer

Use SocialQA of your own accord

By using SocialQA, you choose to ask questions of your own accord. You remain responsible for deciding whether to act, what to check, who to contact, and whether to seek professional advice. The page cannot know the full facts, evidence, contracts, local policies, urgency or personal circumstances behind a situation.

Not professional advice

SocialQA does not provide legal, financial, medical, clinical, safeguarding, social work, care-planning, tax, benefits, regulated financial, investment, insurance, equity-release, annuity, property, contract or complaint-handling advice. It can only provide general information and signposting from the validated sources available to it.

The chatbot instructions explicitly require it to refuse requests for recommendations, rankings, product advice, care eligibility predictions, provider choices, care assessments, CHC decisions, financial-assessment outcomes, complaint outcomes, appeal outcomes, safeguarding decisions or instructions about whether a user should accept, refuse, sign, pay, move, challenge or make a care/finance decision.

Care and funding decisions

Do not start, stop, refuse, accept, challenge, pay for, move, choose, sign, complain, appeal, defer, sell, borrow, invest or otherwise act on a care or finance matter solely because of a SocialQA answer. Check with the relevant local authority, NHS integrated care board, care provider, CQC, LGSCO, PHSO, MoneyHelper, FCA-authorised adviser, solicitor, qualified representative or other appropriate professional before acting.

Financial planning and regulated products

SocialQA may explain high-level topics such as self-funding, deferred payment agreements, care-fees advice, Attendance Allowance, Pension Credit or where to check whether a financial firm is authorised. It must not recommend a financial product, adviser, investment, equity-release arrangement, annuity, tax plan, estate plan or provider. For regulated financial products or advice, use qualified regulated advice and check authorisation using the FCA Firm Checker or Financial Services Register.

If a user asks SocialQA to recommend, compare, approve or choose a financial product, adviser, investment, tax route, estate-planning route, equity-release product or annuity, the bot should display a warning and signpost to neutral sources such as MoneyHelper, FCA checking tools, SOLLA or a qualified regulated adviser.

Provider choice and named people

SocialQA must not recommend, rank, review, endorse or compare specific care homes, care agencies, nursing homes, day care centres, hospitals, GP practices, healthcare services, professionals or named people. It may explain how to check official reports, contracts, complaints processes, CQC ratings and relevant local/NHS routes.

If a user asks whether a provider or named person is good, safe, suitable, trustworthy, best or recommended, the bot should refuse to give that opinion and instead explain how to check official sources and seek independent advice.

Urgent, safeguarding or medical situations

SocialQA is not an emergency service. If someone is in immediate danger, call 999. For urgent medical help, use NHS 111 or 999 as appropriate. For abuse, neglect or serious safety concerns, contact the relevant local authority safeguarding adults team, emergency services, care provider, NHS body or regulator as appropriate.

No reliance and no attribution of consequences

AI responses can be incomplete, outdated, overly general, overconfident, misread a source or fail to reflect local variation. Jahosi cannot accept responsibility for decisions, losses, delays, disputes, missed deadlines, funding outcomes, care outcomes, financial consequences, provider choices or other consequences arising from use of SocialQA without independent checking.

Privacy policy

Data controller and contact

The data controller for SocialQA is James Rowson. For privacy questions, correction requests or communication preferences, use the Jahosi contact page.

Data you should not provide

Do not enter names, addresses, dates of birth, NHS numbers, National Insurance numbers, bank details, care contracts, medical records, medication details, detailed diagnoses, financial account information, passwords, identity documents, complaint files or any other sensitive personal information into the chat.

SocialQA warns users not to enter sensitive information. It is not technically possible to prevent every user from doing so, especially if they type sensitive information into free text. If the AI detects or appears to detect sensitive information, it is instructed to warn the user, avoid repeating the details, and provide only general signposting or ask the user to rephrase without sensitive information.

Information processed when using the page

Chat question: the text you submit is sent to the SocialQA server and then to the configured AI service so an answer can be generated.
Recent chat history: recent messages are held in your browser session storage and sent with later questions to preserve short-term context.
Session token: a temporary browser-session token may be stored in session storage after Turnstile verification.
Display settings: high-contrast and large-font preferences may be stored in browser local storage.
Postcode lookup: if you use local resources, the postcode is sent to the SocialQA server and queried against the GOV.UK local authority lookup API.
PDF export: exports are generated in your browser from the conversation visible in that browser session.
Security and service data: standard web request metadata such as IP address, time, URL, user agent and error information may be processed by the server, hosting provider, rate limiter or security tools.
Turnstile: if enabled, Cloudflare Turnstile may process browser, device and interaction signals to check for abuse.
Third-party scripts: the page loads Cloudflare Turnstile and jsDelivr-hosted PDF export code. Those third-party services may receive ordinary browser request metadata such as IP address, user agent, requested URL and timing information.

Purpose of processing

Information is processed to provide the Q&A function, preserve temporary context in the user's browser session, generate local signposting, reduce abuse, troubleshoot the service and improve safe operation. SocialQA is not designed to build profiles, target advertising or sell user data.

Storage and retention

SocialQA does not maintain a user account or permanent chat database for this page. The AI has no persistent memory of user inputs beyond the temporary session context needed to answer within the current browser session. Chat history is stored in browser session storage on the user's device for the current browser session. Display preferences are stored in local storage until cleared by the user. Server-side processing is request-based, although hosting, security, rate-limiting or upstream service logs may retain technical metadata according to their own operational settings.

Sharing with service providers

To operate the page, information may be processed by the hosting environment, the configured AI service, GOV.UK local authority API, Cloudflare Turnstile if enabled, jsDelivr for the PDF export library, and the user's browser. External reference links open third-party sites; those sites have their own privacy policies and are not controlled by Jahosi.

User controls

Do not submit sensitive information.
Close the browser tab or clear browser session storage to remove local chat history for the current session.
Clear local storage to remove display preferences.
Use the browser's download/delete controls for any PDF export you create.
Use the Jahosi contact page for privacy questions, correction requests or communication preferences.

This policy is guided by UK data protection transparency principles, including the ICO's guidance that people should be informed about collection and use of personal data, purposes, retention and sharing.

Sources and freshness

SocialQA is constrained to a curated source list of official, statutory, regulator, NHS, NICE, official data, ombudsman and recognised guidance sources. The source list was last reviewed on 20 June 2026. Sources can change without notice. SocialQA will be updated over time as able, but users must check the original source and local body before acting.

Where SocialQA cannot answer from the validated source list, it should say so and signpost the relevant official body, local authority, NHS body, regulator, ombudsman or qualified adviser instead of inventing an answer.

Regulatory and QA risk review

End-user perspective

The main risk is over-reliance: users may treat a clear AI answer as a decision rather than a guide.
The page now requires a disclaimer acknowledgement before asking the bot a question.
The page repeatedly tells users not to enter sensitive personal, medical or financial information. The bot also has instructions to warn users if sensitive information appears in a prompt, but it is not possible to guarantee prevention because users control what they type.
The AI has no persistent memory of inputs beyond temporary session context, but submitted text is still processed to generate answers and may be visible in technical or upstream processing flows.
The tool should remain careful, plain and source-linked, especially for money, eligibility, complaints and urgent safety questions.

QA inspector perspective

The server-side prompt constrains answers to a validated source list and requires references.
The server-side prompt explicitly requires refusals and warnings for regulated financial advice, provider recommendations, eligibility predictions, care assessments, NHS/local authority decisions, safeguarding decisions, legal conclusions and any output likely to steer care or financial outcomes.
The source list includes official and recognised sources for care funding, financial-planning signposting, benefits, mental capacity, home adaptations, safeguarding and complaints.
The app does not intentionally persist SocialQA chats in a database, but technical logs and upstream provider processing remain privacy considerations.
The postcode lookup is a narrow signposting function, not a care assessment or eligibility decision.
PDF export is user-initiated and browser-side, but users should avoid exporting sensitive content.

Current compliance assessment

Financial conduct: SocialQA should stay outside regulated financial advice or financial promotion boundaries if it only gives general information and signposts to MoneyHelper, FCA checking tools, SOLLA and qualified regulated advisers. Risk would increase if it recommended products, named advisers, investments, equity-release products, annuities, tax strategies or estate-planning actions. The current guardrails are designed to prevent that.

Social care and NHS services: SocialQA does not make care assessments, eligibility decisions, CHC decisions, safeguarding decisions or provider recommendations. It signposts official routes and tells users to check with local authorities, ICBs, providers, regulators or ombudsmen. Risk would increase if it began predicting eligibility outcomes, instructing users to accept/refuse care arrangements, or presenting itself as acting on behalf of the NHS, CQC or a local authority.

Privacy and data protection: The key risk is users entering sensitive personal data despite warnings. The current design mitigates this through warnings, browser-session storage, no account system, no permanent chat database for SocialQA, and this privacy notice. A fuller legal review should confirm processor/controller roles for the AI provider, hosting provider and Turnstile if the project moves beyond prototype/experimental use.

Reference material used for this policy

The right to be informed - Information Commissioner's Office. Transparency guidance for privacy information.
Artificial intelligence and data protection - Information Commissioner's Office. Guidance on applying data-protection principles to AI.
The UK's data protection legislation - GOV.UK. Overview of UK GDPR and Data Protection Act 2018.
Data Protection Act 2018 - legislation.gov.uk. Primary legislation.
FCA perimeter report - Financial Conduct Authority. Context on what the FCA does and does not regulate.
PERG 8 Financial promotion and related activities - FCA Handbook. Guidance on financial promotions.
Care Act 2014 - legislation.gov.uk. Primary adult care and support legislation for England.
National framework for NHS continuing healthcare and NHS-funded nursing care - Department of Health and Social Care / GOV.UK.
Find care services - Care Quality Commission. Official provider search and inspection ratings.
Complaints about health and social care - Local Government and Social Care Ombudsman.
Complaints about continuing healthcare funding - Parliamentary and Health Service Ombudsman.