Privacy Policy

Effective Date: 20/07/2025

At Settle and Snooze ("we", "us", or "our"), we are committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines how we collect, use, store, and protect your information when you use our website, book our services, or engage with us in any way.

We comply fully with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We may collect and process the following personal data:

Contact details: Name, email address, phone number
Client intake information: Sleep history, lifestyle habits, routines, and relevant information about you or your child
Health information (where shared): Relevant to understanding sleep behaviours (note: we do not collect or process diagnostic or clinical records)
Payment information: Processed securely through third-party platforms (e.g. Stripe, PayPal)
Website data: IP address, browser type, and other analytics through cookies (if applicable)

2. How We Use Your Information

We use your data to:

Provide sleep consultancy services and tailor plans to your needs
Communicate with you regarding appointments, follow-up support, and updates
Manage bookings and process payments
Respond to enquiries
Meet legal and regulatory obligations (e.g., safeguarding or tax purposes)

We only collect and retain the data necessary to deliver our services professionally and safely.

3. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

Consent – where you have explicitly agreed to us processing your information (e.g. contact forms)
Contract – where data processing is necessary for us to provide a service you’ve requested
Legal obligation – in situations involving safeguarding or financial record-keeping
Legitimate interest – such as improving client experience and ensuring the quality of service

4. Data Sharing and Third Parties

We will never sell or rent your personal information. Your data may be shared with trusted third parties only when necessary, such as:

Payment processors (e.g. Stripe, PayPal)
Scheduling platforms (e.g. Calendly, Acuity)
Legal or safeguarding authorities, if required by law or concern for safety

All third-party providers are GDPR-compliant and have appropriate data protection policies in place.

5. Data Storage and Retention

Your information is stored securely, using encrypted devices, password-protected files, and secure cloud services.

We retain client information for a minimum of 7 years, in line with record-keeping requirements for health-related services and professional accountability. After this period, data will be securely deleted.

6. Your Rights

Under UK GDPR, you have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request erasure (in certain circumstances)
Object to or restrict certain types of data processing
Withdraw consent at any time
Lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data is being mishandled

7. Cookies (if applicable)

Our website may use cookies to improve user experience and collect anonymous usage data. You can manage or disable cookies in your browser settings.

8. Changes to This Policy

This Privacy Policy may be updated periodically. Any significant changes will be posted on this page with an updated effective date.