GDPR Compliance

At Rehubs, we are committed to protecting and respecting your privacy. This GDPR Compliance Policy outlines how we collect, use, and safeguard your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable UK data protection laws. Our priority is to ensure that your personal information is handled with the utmost care and transparency.

Data Collection and Use

Rehubs collects personal data to provide and enhance our online rehabilitation services. The types of data we collect include personal identification information, contact details, health information, and any other relevant data required for delivering our services. This data is collected through our website, service registration forms, and during consultations.

We use this information to deliver our services effectively, tailor our programmes to individual needs, communicate with you, and for administrative purposes. Your personal data will only be used for the purposes for which it was collected and will not be processed further in a manner that is incompatible with those purposes.

Legal Basis for Processing

Our processing of personal data is based on one or more of the following legal grounds: consent, contract, legal obligation, vital interests, public task, and legitimate interests. When processing special category data, such as health information, we ensure that we have your explicit consent or that the processing is necessary for the provision of health care or treatment.

Data Protection Principles

We adhere to the data protection principles set out in the GDPR. These principles require that personal data shall be:

  1. Processed lawfully, fairly, and transparently.
  2. Collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  3. Adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
  4. Accurate and, where necessary, kept up to date.
  5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed.
  6. Processed in a manner that ensures appropriate security of the personal data.

Data Subject Rights

Under the GDPR, you have various rights concerning your personal data. These include the right to access, rectify, erase, restrict processing, object to processing, and data portability. If you wish to exercise any of these rights, please contact us at the details provided below. We will respond to your request within the statutory time frame and, where necessary, assist you in exercising your rights.

Data Security

Rehubs takes the security of your personal data very seriously. We implement appropriate technical and organisational measures to protect your data from unauthorised access, loss, misuse, or alteration. Our security measures are regularly reviewed and updated to ensure they remain effective and adequate.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal, regulatory, or internal policy requirements. Once your data is no longer needed, we will securely delete or anonymise it.

Third-Party Disclosure

We do not share your personal data with third parties except where necessary to provide our services, comply with legal obligations, or with your explicit consent. Any third-party service providers we engage are required to comply with data protection laws and ensure the security of your personal data.

International Transfers

If your personal data is transferred outside the European Economic Area (EEA), we ensure that adequate safeguards are in place to protect your data. This includes entering into data transfer agreements based on the European Commission’s standard contractual clauses or relying on other approved transfer mechanisms.

Changes to this Policy

Rehubs may update this GDPR Compliance Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of any significant changes and ensure that the updated policy is available on our website.