Caring for Your Data Like We Care for You

Last Updated : 10th November 2025

1. Introduction

Welcome to YourCocoon Health ("we", "us", "our"). We are committed to protecting and respecting your privacy. This policy explains how we collect, use, share and protect your personal data when you use our services, including our website, mobile app and newsletters.

By using theYourCocoon Health service, you agree to the processing of your information as described in this policy.

2. Who We Are and How to Contact Us

  • Name: YourCocoon Health (trading as)

  • Address: 13A Seamoor Road, Bournemouth 

  • Email: hello@cocoon-app.co.uk

  • Data Protection Officer (or representative): Prisca Flint

If you have any questions or wish to exercise your rights, please contact us using the details above.

3. The Data We Collect

We collect personal data that you provide to us, and in some cases, data that is collected automatically.

a) Data you provide:

  • Account registration details (such as name, email and password)

  • Profile details (such as date of birth, pregnancy or maternal status, and any health information you choose to share)

  • Communications and content you post or send via the app or our support channels

  • Newsletter subscription details (email address)

  • Payment or subscription details (if relevant)

b) Automatically collected data:

  • Device and usage data including IP address, device type, operating system, app usage logs and crash reports

  • Cookies and similar technologies used on our website

c) Special category data (health-related):
As the service supports maternal health, you may provide health-related or sensitive information (such as pregnancy status or wellbeing details). This is classed as “special category data” under UK GDPR and receives additional protection.

4. How We Use Your Data

We use your data for the following purposes:

  • To provide, maintain and improve our services (for example, accounts, app features and community spaces)

  • To personalise your experience, such as providing tailored content, newsletters and support

  • To communicate with you, including newsletters, updates and customer support

  • For analytics and research to understand usage, improve features and ensure safety

  • For security and fraud prevention

  • To comply with legal or regulatory obligations

When we process health-related data, we only do so with your explicit consent and for purposes that benefit you or align with our service aims.

5. Legal Basis for Processing

Under the UK GDPR, our lawful bases for processing your data include:

  • Consent: when you agree to certain types of processing (such as newsletters or health data)

  • Contract: where processing is necessary to deliver our services to you

  • Legitimate interests: to analyse and improve the app, ensure security and maintain service quality

  • Legal obligations: to comply with legal or regulatory duties

For special category data (such as health information), we will always seek explicit consent, unless another lawful basis applies.

6. Research and Transparency in Pregnancy-Related Health for Women of Colour

AtYourCocoon Health, we are deeply committed to improving understanding and outcomes in pregnancy-related health, especially for women of colour, who continue to face significant health inequalities.

We believe in transparency, respect and user control over your data. If we ever wish to use your information for research purposes, such as analysing anonymised trends or supporting academic or public health studies, we will:

  • Always ask for your explicit consent before using any of your personal or health-related data for research

  • Clearly explain the research purpose, what data would be used, how it will be anonymised or pseudonymised, and who (if anyone) our research partners are

  • Use anonymised or aggregated data wherever possible, ensuring you cannot be personally identified

  • Never share identifiable information with researchers or third parties without your explicit permission

  • Allow you to withdraw consent at any time, easily and without penalty. If you withdraw consent, your data will no longer be used for research, although anonymised data already included in analyses may not be identifiable or retrievable

We are committed to building trust and advancing equity through ethical, transparent research practices that fully respect your privacy and autonomy.

7. Sharing Your Data

We do not sell your personal data. We may share it in the following circumstances:

  • With trusted service providers, such as hosting, analytics or email providers, under strict data protection agreements

  • With health professionals or experts via the app, but only with your consent

  • Within community features, where you choose to share content

  • With law enforcement or regulators when legally required

  • In the event of a merger or acquisition, under safeguards that preserve your privacy

8. International Transfers

Your data may be processed outside the UK or European Economic Area (for example, by our hosting providers). If this happens, we will ensure appropriate safeguards are in place, such as UK-approved Standard Contractual Clauses, to protect your information.

9. Data Retention

We keep your personal data only for as long as necessary for the purposes described in this policy, or as required by law.

  • For active accounts, we retain your data during the lifetime of the account and for a short period afterwards.

  • For newsletter subscribers, we retain your data until you unsubscribe or request deletion.

  • Backups and logs are retained for [for example, two years] for security and compliance.
    After these periods, data is securely deleted or anonymised.

10. Your Rights

Under UK data protection law, you have the right to:

  • Access your data

  • Rectify incorrect or incomplete information

  • Request erasure (“the right to be forgotten”)

  • Restrict or object to processing

  • Receive your data in a portable format

  • Withdraw consent at any time (without affecting the lawfulness of prior processing)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, please contact us at hello@cocoon-app.co.uk. We will respond within the required timeframes.

11. Cookies and Similar Technologies

We use cookies and similar tracking technologies on our website to improve functionality, analyse usage and personalise your experience.
You can manage or disable cookies in your browser or device settings. For more details, see our Cookie Policy [insert link].

12. Security

We apply appropriate technical and organisational measures, including encryption, access controls and regular audits, to protect your data.
While we work hard to maintain strong security, no system is completely secure.

13. Children’s Privacy

Our services are not intended for children under 16 without parental consent. If we become aware that a child under 16 has provided personal data without proper consent, we will delete it promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on our website with the revised “Last updated” date. If significant changes occur, we may notify you via the app or email.

15. Third-Party Links

Our app and website may contain links to third-party services. We are not responsible for their content or privacy practices. Please review their policies before providing any personal data.

16. Contact Us

If you have any questions, concerns or requests about this Privacy Policy or how we handle your data, please contact us:
Email: hello@cocoon-app.co.uk
Address: 13a Seamoor Road, Bournemouth

We will respond promptly and respectfully.

17. Investor Information

We also collect and process personal data relating to our current and potential investors, advisers and business partners. This may include:

  • Contact details (such as name, email address, phone number, company name and role)

  • Financial or business information shared as part of investment discussions

  • Communication records (emails, meeting notes and correspondence)

  • Identification details, where required by financial or anti-money-laundering regulations

We process this information for the following purposes:

  • To manage investor relations and maintain professional communication

  • To comply with legal, financial and regulatory obligations

  • To assess and pursue legitimate business and funding opportunities

  • To maintain accurate business records

We rely on legitimate interests and legal obligations as the lawful bases for processing investor information.

Investor data is stored securely and will never be sold or shared with third parties, unless required by law, regulation or with your explicit consent (for example, where an introduction to another partner has been mutually agreed).

We retain investor data only for as long as necessary for the purposes outlined or as required by law. Investors may contact us at any time to review, correct or request deletion of their personal data.