top of page

Privacy Policy

1. Introduction

OneSleep ("we", "our", "us") is committed to protecting your personal information and ensuring its confidentiality. This Privacy Policy outlines how we collect, use, and safeguard your data in compliance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

2. Information We Collect

We collect the following types of personal information:

  • Personal Details: Name, address, date of birth, contact information (email, phone number).

  • Health Information: Medical history, treatment details, and other health-related data necessary for providing our services.

  • Payment Information: Details required for processing payments, such as credit card or bank account information.

  • Technical Data: Information about your device and usage patterns when accessing our website or services.

3. How We Use Your Information

We use your personal information to:

  • Provide and manage our healthcare services.

  • Process payments and handle billing.

  • Communicate with you regarding appointments, services, and updates.

  • Improve our services and website functionality.

  • Comply with legal and regulatory obligations.

4. Legal Basis for Processing

We process your personal information based on:

  • Consent: Where you have provided explicit consent for specific purposes.

  • Contractual Necessity: To fulfill our contractual obligations in providing healthcare services.

  • Legal Obligation: To comply with applicable laws and regulations.

  • Legitimate Interests: For purposes such as improving our services, provided your rights do not override these interests.

5. Sharing Your Information

We may share your personal information with:

  • Healthcare Professionals: To coordinate and provide your care.

  • Service Providers: Third parties who assist us in delivering our services, under strict confidentiality agreements.

  • Regulatory Authorities: When required by law or to protect our rights.

We do not sell your personal information to third parties.

6. Data Security

We implement robust security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. This includes:

  • Encryption of sensitive data.

  • Access controls to limit data access to authorized personnel.

  • Regular security assessments and compliance with NHS standards such as DCB0129, DTAC, and DSPT.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Specific retention periods may vary depending on the type of information and legal requirements.

8. Your Rights

Under UK data protection laws, you have the right to:

  • Access: Request a copy of your personal information.

  • Rectification: Correct inaccurate or incomplete data.

  • Erasure: Request deletion of your data under certain circumstances.

  • Restriction: Limit the processing of your data.

  • Objection: Object to processing based on legitimate interests.

  • Data Portability: Receive your data in a structured, commonly used format.

To exercise these rights, please contact us at [contact email/phone].

9. Changes to This Policy

We may update this Privacy Policy periodically. Any changes will be posted on our website, and we encourage you to review this policy regularly to stay informed about how we protect your information.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at info@onesleep.ai.

This Privacy Policy was last updated 03/03/2025

 

bottom of page