Click here to sign up for our newsletter


Blog Archives

 

 

Privacy Policy

1. Introduction

Hope2Sleep always has and always will do everything in its power to protect and safeguard your privacy, but we do welcome the new GDPR rules in force from May 2018 to give us all confidence that our personal data is safe in the hands of companies (and charities like ours) whom we trust.  Any personal details about you, whether it be via sales of products or even confidential support will never be shared outside our organisation, unless you request us to, or in exceptional circumstances, give us your permission to.

This privacy notice provides you with details of how we collect and process your personal data.  The Hope2Sleep Charity is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

Who is Hope2Sleep?

We are a charity registered with the Charity Commission (Charity Number 1168089) and abide by the Charity Commissions rules.  You can read more about the work we do on this page of the website 'About the Hope2Sleep Charity.'

Our full contact details are:-

Hope2Sleep Charity
85 Ings Road
HULL
East Yorkshire
HU8 0SD

Tel 0300 102 9711

Email info@hope2sleep.co.uk

Website www.hope2sleep.co.uk

Your Details

For customers with an account on our website, it is very important that the information held in your account is accurate and up to date.  Please amend your details if your personal information changes by  logging into your account or contact us and request we do this for you.


From time to time we may need to update our Privacy Policy and you will be informed of any significant changes, but you can check back on this page at any time.


2. Data We Collect (for what purpose and on what grounds we process it)

Customer Data

For any purchases of goods and/or services we hold your name, title, billing address, delivery address, email address, phone number, contact details and purchase details in our website  on highly secure servers, which are located within RapidSwitch’s highly acclaimed and industry-leading data centre in Berkshire, UK.  Rapidswitch provide world-class resilient infrastructure with multiple levels of security, including 24 hour monitoring, CCTV, and restricted access.

No payment information, such as credit/debit card number, is ever stored within our website and we have no access to any details.  Neither do we have a record of your password.  If you use Paypal to make any payment to us, they will need to hold information about you and you can read their Privacy Policy here

We process the aforesaid data to supply the goods and/or services you have purchased and are obliged by law to keep records for a minimum of 6 years, which includes any VAT declaration form you have completed to to benefit from zero rated VAT.

To mail out in the post our products to you only the minimum data is shared with the Royal Mail or reputable couriers, such as your name, address and mobile number or email address, in order to deliver your parcels and track them.  These companies have their own privacy policies in compliance with the GDPR rules.

Communication Data

This includes any communication you send to us, whether it be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims.  Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.  All communication between us and you is confidential and is never shared outside our charity unless you request us to act on your behalf, or we gain prior permission from you in an effort to support you better.

Sensitive Data

We do not routinely collect any sensitive data about you.  The only exception would be when we are obliged to collect certain health data on occasions, such as when supplying a prescribed CPAP machine or conducting a sleep screening test.  We will only use your personal data for the purpose it was collected for and this would never be shared outside our charity without your prior permission and only when necessary.

Children's Privacy

Whilst a child may use our website for information, we never knowingly accept personal details of a child under the age of 13 and would suggest a parent, guardian or carer uses their own information on behalf of a child.   Anyone contacting us via social media would be assumed to be over 13 as social media sites have their own policies on minimum ages to use their sites, which is not in our control or responsibility.

3. Newsletter Email Communication

You may be on our newsletter list as an existing Hope2Sleep Charity customer, have registered on the website and ticked the opt-in box, have subscribed for newsletters, specifically requested us to add your details or/and are a Forum Member who requested newsletters.  We value your privacy and never ever share your email address or other details with anyone ever, and we never send spam or pure marketing emails!  Our aim is to keep you updated of recent news regarding sleep apnoea and sleep disordered breathing, events, helpful articles and new products for sleeping more comfortably - especially for people using CPAP, BiPAP and non-invasive ventilation.

Every newsletter contains a quick unsubscribe button which will automatically prevent further newsletters being sent to you, should you not wish to receive them or you can contact us to be manually removed.  If you unsubscribe from receiving newsletter communications this opt-out does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations etc.  If you are not on our list and would like to receive them, you can subscribe on this link Newsletter Subscription.

Our newsletter list is stored in MailChimp who abide by the GDPR rules and the only details they hold are those that you sign up with, such as your name and email address (click the links to find out more about Mailchimp's Privacy Policy and Terms of Use and see why we trust them).

4. Disclosures of your Personal Data

We may on occasions have to share your personal data with the parties such as:-

  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors and insurers.
  • Government bodies that require us to report processing activities, such as for VAT purposes and charitable Gift Aid.
  • Third parties to complete a purchase transaction, such as a manufacturer for direct postage if we are out of stock or a courier/mail carrier to send the purchase to you.

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law.  We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions, and use only reputable companies who have their own privacy policies to protect your data.

5. Data Security 

We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation.  We only allow access to your personal data to our charity trustee board, volunteers  or employees who need to know such data.  Any data they process or need access to will be kept confidential.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach which we are legally required to.

6. Surveys and Research

Part of our charitable work is to improve the process of diagnosis and treatment for sleep disordered breathing and assess our own standards, and we conduct anonymous voluntary surveys and/or research.  Occasionally there is the option to identify yourselves, but this is always a choice and we would obtain permission from you within the survey at these times. 

For this process we use a UK company, SmartSurvey Limited, who are registered with the ICO (Information Commissioner's Office) and have privacy policies in place for both us as account holders, and you as survey respondents.  You can view this here.

7. Your Legal Rights

Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.  You can see more about these rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you wish to exercise any of the rights set out on the above link then please email us at info@hope2sleep.co.uk

You will not have to pay a fee to access your personal data (or to exercise any of the other rights).  However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive and we have a right to refuse to comply with your request in these circumstances.
 
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).  This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  We may also contact you to ask you for further information in relation to your request to speed up our response.
 
We try to respond to all legitimate requests within one month.  Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.  In this case, we will notify you.

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).  We should be grateful, however, if you would contact us first if you do have a complaint so that we can try to resolve it for you, as we would never intentionally break any GDPR rules due to the fact that we respect your privacy as much as we respect our own.

8. Third-Party Links

This website may include links to third-party websites, plug-ins and applications.  It is only our intention to provide links to other sites where we believe there is valuable information on them.  However, we do not control these third-party websites and are not responsible for their privacy statements.  When you leave our website, we encourage you to read the privacy notice of every website you visit.

9. Cookies

We do not use technology to track the patterns of behaviour of visitors to our site, but we do need to use cookies to maintain the contents of your shopping cart. Some parts of the website will function better with cookies enabled, and this information is kept on your own computer and you can remove or disable cookies at any time.  In accordance with the GDPR consent rules for cookies we have a simple and unobtrusive Cookie Consent pop-up feature on our website.  There is a lot of information on https://www.aboutcookies.org/  to help  you control or delete cookies.

If you have any questions/comments about our privacy, please contact us.