CONTACT US

Privacy Policy

1. Introduction

Hunrosa, including Community Sleep Service CIC, is committed to protecting your personal information and respecting your privacy. This policy explains what data we collect, how we use it, and the rights you have under UK data protection law (UK GDPR and the Data Protection Act 2018).

2. Data Controller

The data controller for both Hunrosa and Community Sleep Service CIC is:

Hunrosa

124 City Road London EC1V 2NXEmail: info@hunrosa.co.uk

3. Data We Collect

We may collect the following types of personal data when you use our services or websites:

  • Contact details (such as your name, email address, phone number, postal address)

  • Information submitted through contact forms, emails, or telephone calls

  • Payment and billing details when purchasing resources or services (processed securely by third-party providers such as Stripe or PayPal — Hunrosa does not store card details)

  • Technical information such as IP addresses, browser type, and site usage data

  • Information provided in connection with consultancy or clinical services, including NHS-linked projects

4. How We Use Your Data

We process your personal data to:

  • Provide services and resources you request

  • Respond to enquiries and support requests

  • Manage orders and payments

  • Deliver NHS or community services in line with contracts and agreements

  • Improve our websites and services

  • Meet legal and regulatory requirements

The lawful bases we rely on include contract, consent, legal obligation, and legitimate interests.

5. Sharing Your Data

We do not sell or rent personal data. We may share it with:

  • Service providers such as hosting, analytics, payment processors, and email platforms, who act under our instructions

  • Regulatory bodies or authorities where required by law

  • NHS and partner organisations where services are delivered under contract or referral

6. International Transfers

Where personal data is transferred outside the UK (for example, by services such as Google Analytics), we ensure that appropriate safeguards are in place.

7. Data Retention

We keep personal data only for as long as necessary for the purposes it was collected, including contractual and legal requirements.

8. Security

We apply technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you

  • Correct inaccuracies

  • Request deletion (where applicable)

  • Restrict or object to processing

  • Request transfer of your data

To exercise these rights, please contact us using the details above.

10. Updates

We may update this Privacy Policy from time to time. The latest version will always be available on our websites.