General Data Protection Regulation

The Rehab Hub Staffordshire is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your privacy seriously and ensure that your personal data is handled responsibly, securely, and lawfully.

1. Our Commitment

We will:

  • Collect only the personal data we need to deliver our services.

  • Process your data lawfully, fairly, and transparently.

  • Store your data securely and protect it against unauthorised access.

  • Keep your information accurate and up to date.

  • Retain your data only as long as necessary.

  • Respect your legal rights under UK GDPR.

2. What Data We Process

We may process:

  • Contact details (name, address, phone, email)

  • Health and treatment information relevant to your care

  • Appointment, payment, and communication records

  • Website usage data (via cookies)

3. Why We Process Your Data

Your personal data is processed for:

  • Booking and managing your appointments

  • Providing treatment and care

  • Processing payments and invoices

  • Meeting legal, tax, and medical record-keeping requirements

  • Improving our services and communication

4. Legal Basis for Processing

We process personal data under these lawful bases:

  • Contract – to deliver the services you have booked

  • Legal obligation – to comply with UK laws and regulations

  • Consent – where you have agreed to specific uses (e.g., marketing)

  • Legitimate interests – for the effective running of our business, without overriding your rights

5. Your GDPR Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request corrections to inaccurate or incomplete data

  • Request deletion of your data (where applicable)

  • Restrict or object to certain types of processing

  • Withdraw consent at any time (for example, marketing emails)

  • Receive a copy of your data in a portable format

To exercise these rights, contact us at:
Email: info@therehabhubstaffs.co.uk
Phone: 07962 260985

6. Data Security

  • We store data on secure systems and restrict access to authorised staff only.

  • We use appropriate technical and organisational measures to prevent data loss, theft, or misuse.

7. Data Retention

  • Health records are retained for at least 8 years (or as legally required).

  • Other personal data is kept only as long as necessary for the purposes stated.

8. Complaints

If you have concerns about how we process your data, please contact us directly.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk
Phone: 0303 123 1113