Legal
Last updated: March 2026
This privacy policy explains how Rozek Industries Ltd ("we", "us", "our"), a UK private limited company (Company Number 16474200), collects, uses, and protects your personal data when you use our website at robrhose.com and our psychoanalytic consulting services.
We are the data controller for the purposes of data protection law. You can contact us at rob@robrhose.com.
We collect only the data necessary to provide our service and process payments. We do not collect health data, clinical data, or psychiatric information.
| Data | Purpose | Legal Basis |
|---|---|---|
| Name, email address | Booking confirmation, session communication | Contract performance |
| Payment information | Processing session fees via Stripe | Contract performance |
| Booking dates and times | Scheduling sessions via Cal.com | Contract performance |
| Session notes (non-clinical) | Continuity of service between sessions | Legitimate interest |
| Analytics data (if consented) | Website improvement via Google Analytics and Microsoft Clarity | Consent |
We do not collect diagnoses, medical history, treatment records, or any data that would constitute special category data under Article 9 of the GDPR.
Your personal data is used to deliver the consulting service you have booked, send booking confirmations and session reminders, process payments and issue receipts, maintain non-clinical session notes for continuity, respond to your enquiries or complaints, and comply with our legal obligations (e.g. tax records).
We will never sell your data, share it for marketing purposes, or use it for any purpose other than delivering this service.
We use the following third-party services to deliver our service. Each processes data on our behalf under appropriate data processing agreements.
| Service | Purpose | Data Processed |
|---|---|---|
| Stripe | Payment processing | Payment card details, billing info |
| Cal.com | Booking and scheduling | Name, email, booking times |
| Zoom | Video call platform | Name, email, session audio/video (not recorded) |
| Vercel | Website hosting | IP address, browser info (server logs) |
| Google Analytics | Website analytics (consent-based) | Anonymised browsing data, cookies |
| Microsoft Clarity | Website analytics (consent-based) | Anonymised browsing data, session recordings |
We do not store your full payment card details. All payment processing is handled by Stripe, which is PCI DSS compliant. Sessions are not recorded unless explicitly agreed in advance.
This website uses cookies. We distinguish between essential cookies (required for the website to function) and analytics cookies (used to understand how visitors use the site).
Essential cookies: These are necessary for core website functionality such as remembering your cookie consent preference. They do not require your consent under applicable law.
Analytics cookies: Google Analytics and Microsoft Clarity use cookies to collect anonymised data about how visitors interact with the site. These cookies are only loaded after you give explicit consent via the cookie banner. If you decline, no analytics cookies are set and no tracking occurs.
You can change your cookie preferences at any time by clearing your browser cookies and revisiting the site, which will show the consent banner again.
Booking and payment data is retained for 7 years after your last session, as required for UK tax and accounting obligations.
Session notes are retained for up to 3 years after your last session, then securely deleted. You may request earlier deletion at any time.
Analytics data is retained according to the default retention periods of Google Analytics (14 months) and Microsoft Clarity (30 days).
Email correspondence is retained for the duration of the consulting relationship and up to 1 year after, then deleted.
Depending on your location, you have specific rights regarding your personal data. We honour these rights regardless of where you are based.
You have the right to access the personal data we hold about you, rectify inaccurate data, erase your data (subject to legal retention requirements), restrict processing of your data, data portability (receive your data in a structured format), object to processing based on legitimate interest, and withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at rob@robrhose.com. We will respond within 30 days.
If you believe we have not handled your data correctly, you have the right to lodge a complaint with your supervisory authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk. In the EU, contact your national data protection authority.
Under the Swiss Federal Act on Data Protection (nDSG), you have equivalent rights to access, rectify, and delete your personal data. You may lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC).
If you are a California resident, you have the right to know what personal information we collect, request deletion of your personal information, and opt out of the sale of personal information. We do not sell personal information.
To exercise these rights, contact us at rob@robrhose.com. We will verify your identity before processing any request.
Our service operates from the United Kingdom. If you are located outside the UK, your data may be transferred to and processed in the UK. We ensure that any such transfers comply with applicable data protection law, including the use of Standard Contractual Clauses (SCCs) where required.
Our third-party processors (Stripe, Cal.com, Zoom, Vercel) may process data in the United States. Each maintains appropriate safeguards for international data transfers in accordance with UK GDPR, EU GDPR, and Swiss FADP requirements.
We take appropriate technical and organisational measures to protect your personal data, including encryption of data in transit (TLS/HTTPS), use of PCI-compliant payment processing (Stripe), secure access controls for all systems, and separation of session notes from payment and booking data.
No system is completely secure. If we become aware of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, and in any event within 72 hours.
This service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately at rob@robrhose.com and we will delete it promptly.
We may update this privacy policy from time to time. Updated versions will be published on this page with a new "last updated" date. If we make significant changes that affect your rights, we will notify you by email where possible.
For any questions about this privacy policy or to exercise your data protection rights, contact us at rob@robrhose.com.