This document outlines the General Data Protection Regulation (GDPR) compliance measures implemented by Rehubs in accordance with the European Union’s data protection laws. Rehubs is committed to safeguarding the privacy and data of its users, ensuring transparency, security, and accountability in all data processing activities.


Data Collection and Processing:

Purpose Limitation:

Rehubs collects and processes personal data solely for the purpose of providing addiction recovery services and support to its users. Data is not used for any other purposes without explicit consent.


Lawful Basis:

Data processing activities are conducted on lawful bases as defined by GDPR, including user consent, contractual necessity, and legitimate interests pursued by Rehubs.


Data Minimisation:

Rehubs only collects and retains personal data that is necessary for the provision of its services. Unnecessary data is not collected or stored.


Data Accuracy:

Rehubs takes reasonable steps to ensure the accuracy and currency of the personal data it holds. Users are encouraged to update their information as necessary.


User Rights:


Right to Access:

Users have the right to request access to their personal data held by Rehubs. Requests for access will be processed promptly and in accordance with GDPR requirements.

Right to Rectification:

Users can request the correction of inaccurate or incomplete personal data held by Rehubs. Corrections will be made without undue delay.

Right to Erasure:

Users have the right to request the deletion of their personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Data Portability:

Upon request, Rehubs will provide users with their personal data in a structured, commonly used, and machine-readable format, allowing for portability to another service provider.

Right to Object:

Users can object to the processing of their personal data in certain situations, such as direct marketing activities. Rehubs will cease processing data upon receiving an objection, unless there are compelling legitimate grounds for the processing.


Data Security:


Technical Measures:

Rehubs employs industry-standard security measures to protect against unauthorised access, alteration, disclosure, or destruction of personal data. This includes encryption, access controls, and regular security assessments.

Staff Training:

Employees of Rehubs are trained in data protection principles and practices to ensure the secure handling of personal data.


Data Transfers:


International Transfers:

Rehubs may transfer personal data to countries outside the European Economic Area (EEA) if necessary for the provision of services. Such transfers will be conducted in compliance with GDPR requirements, including the use of appropriate safeguards.


Data Breach Response:


In the event of a data breach affecting personal data, Rehubs will promptly assess the risk to individuals and notify the relevant supervisory authority and affected users in accordance with GDPR requirements.


Data Protection Officer:

Rehubs has appointed a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and acting as a point of contact for data protection inquiries.


Contact Information:

For inquiries related to data protection or to exercise your rights under GDPR, please contact:


Data Protection Officer


Rehubs –



Rehubs is committed to upholding the principles of data protection outlined in GDPR and to ensuring the privacy and security of personal data entrusted to its care. This document serves as a demonstration of Rehubs’ compliance efforts and commitment to transparency in data processing activities.