An ‘HTTP cookie’—commonly referred to in its abbreviated form as a "cookie"—is a parcel of text sent back and forth between a visitor's web browser and the website server the visitor accesses. Cookies are used to collect data about a given browser, along with the information requested and sent by the visitor. You can set your web browser to reject or delete cookies.
You can manage these small files yourself and learn more about them by visiting
You may access the publicly accessible parts of the NROSH+ website without logging on or accepting cookies. However, rejecting or deleting our cookies may affect your ability to use our site if you are a user with access to restricted pages and personal log-in details.
By logging on to the NROSH+ website you consent to the storage of cookies by NROSH+ on your computer’s hard drive.
This cookie generates a session ID for each unique user.
|At end of session|
The ASPXAUTH cookie is used to determine if a user is authenticated.
|At end of session|
We use leading technologies and encryption software to safeguard your data, and keep strict security standards to prevent any unauthorised access to it. All access to restricted parts of this website is subject to the Terms and Conditions published on this website.
For the security of those who will enter data, a password will be issued. Users of the site may change this password using the ‘change password’ functionality within the site. Users are advised to create strong passwords (such as those promoted at https://www.cyberaware.gov.uk/passwords).
Personal data collected from NROSH+ will only be processed where such processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or where the data subject has given consent to the processing of his or her personal data for one or more specific purposes; or where we are obliged or permitted by law to disclose it.
The personal data we hold is processed by our staff in the UK.
This site is intended for the purpose of collecting and disseminating regulatory data and statistics. Most of this data is collected at the level of a registered provider – at entity level. Personal data is only collected, via secure pages, as detailed below:
- - contact details for its nominated representatives who will be the contacts for correspondence about regulatory matters and the surveys collected (regulatory and officer contacts)
- - contact details of individuals that the regulator can contact regarding financial surveys (financial survey contacts)
- - contact details to which the regulator can send invoices for fees payable (fees invoice contact)
- - contact information for users subscribing to the NROSH+ system (NROSH+ users)
- - details are also required from time to time in the course of submitting a return to confirm the identity of the person submitting the data, or making a declaration about the data.
Please note that any information you provide should not breach data protection legislation. In particular we would like to remind you of your responsibilities under General Data Protection Regulation (GDPR). Unless explicitly instructed by the regulator, please ensure that no personal information is contained within surveys and documents supplied through NROSH+.
In order to carry out its regulatory functions the Regulator of Social Housing (RSH) needs to maintain contact details of officers employed by a registered provider. We have set out how we will use your personal data below.
Personal Data is not shared with other organisations for commercial purposes. However we may wish to disclose the contact details of officers to other public authorities or other bodies performing a public function for use in connection with those public functions. We will only disclose contact details where we have consent to share them for a specified purpose, or where we are required by law to disclose the information.
If you need to change or modify information that you have previously provided, and are unable to access it, you should contact the Referrals and Regulatory Enquiries Team as detailed on this website.
Officer contact details are used for contacting individuals with details of regulatory data requirements and documents relating to regulatory matters (including (but not limited to) consultations and information relating to fees, data and our standards).
The fees invoice contact will receive the invoices for fees payable to RSH and may be contacted with regard to the payment or processing of these invoices.
Survey contacts are representatives from the Registered Provider who the regulator can contact in reference to the financial surveys.
NROSH+ users signing up to the site provide an email contact. The RSH will only contact users about the use of the NROSH+ system and the collection of the relevant surveys and other regulatory documents which can be submitted through NROSH+. However the RSH may provide your name and contact details to another member of your organisation in order for them to seek your guidance on or for you to grant them access to the NROSH+ system.
How long will we keep your data?
The RSH does not set out any specific minimum or maximum periods for retaining personal data. However the personal data we collect will not be kept for longer than is necessary for the purpose or purposes for which it was collected.
What are your rights?
You have the right under the GDPR to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to the Data Protection Officer whose contact details are on this web page. In some circumstances we can provide personal information in a machine readable format. If you would like your information to be provided to you in a machine readable format please include this request in your email or letter.
When the Data Protection Officer receives your request a check will be made to see whether we have the information you want and if there’s any reason why we can’t make it available to you.
If we hold the information, we’ll usually be able to make it available to you. When this isn’t possible, we’ll explain why. If you disagree with our decision to withhold information, you can ask for an internal review by contacting the Data Protection Officer.
We want to make sure that your personal information is accurate and up to date. To this end you can ask us to correct the information we hold about you, or if that information is incomplete, to complete it at any time.
In certain circumstances you can ask us to erase the data we hold about you.
You also have the right to restrict or object to the processing of your personal information by the RSH.
If you would like your personal data to be corrected, completed or erased, or if you wish to restrict or to object to the processing of your personal data please write to the Data Protection Officer.
If you are not satisfied with our response or believe we are processing your personal data unlawfully you can complain to the Information Commissioner’s Office (ICO).
Links to other sites
How to contact us
The data controller is the Regulator of Social Housing whose contact details can be found below
The Regulator of Social Housing
- Level 1 A
- City Tower
- Piccadilly Plaza
- M1 4BT
- Email - firstname.lastname@example.org
- Telephone - 0300 124 5225
Details of our Data Protection Officer are as follows
Data Protection Officer: Maewyn Cumming
Data Protection Manager (first point of call for enquiries): Emma Tarran
Contact details for both of the above:
- Email - email@example.com
- Telephone - 0300 124 5225