Privacy Policy

---

Please read this carefully before using our website or services. If you do not agree with these terms, you are advised not to use this website or services.

Your use of this website is deemed to be in agreement with this Privacy Policy. Please do not continue to use our website or services if you do not agree to these terms. 

This Privacy Policy outlines how we collect, use, store and manage your personal data and your rights regarding that data. As a data controller registered with the Information Commissioner’s Office (ICO), which is the statutory body that oversees data protection law in the UK, we take all reasonable steps to ensure that your personal data is safeguarded and kept in accordance with data protection law, including the General Data Protection Regulation (GDPR).

We will update this privacy policy regularly to ensure it continues to comply with the latest regulations and best practices. This privacy policy was last amended on 14 October 2023.

What is personal data?

Personal data is any information that identifies you, or by which your identity could be deduced.

What data do we collect?

We collect the following data:

• Identity data (includes title, first name, last name, usernames, date of birth, gender);
• Contact data (includes address, email address, telephone numbers, GP details);
• Technical data (includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in versions, operating systems and platform);
• Usage data (information about how you use our website and the services that you choose from our website); 
• Mental health data (includes information you may provide us about your mental health when you get in touch to request us to contact you or book an initial consultation, which assists us with the issues you may need help with, and other information collected in therapy sessions).

How do we collect your data?

We collect and process data when you:

• Contact us via our website to make enquiries about any of our products or services; 
• Email, phone, text or send us a direct message via social media (the details may be retained by us as relevant to our legitimate business interest or as required for legal purposes);  
• Voluntarily provide feedback via email or in response to any surveys by us;
• Interact with our website. The data is collected automatically by the website host via cookies and other similar technologies which remember your preferences. Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. You can set your browser to not accept cookies and freely delete cookies from your browser at any time.

How do we use your data?

We use your data to:

• Perform the contract that we have entered or will enter into with you, or improve the performance of said contract (e.g. via reviews or feedback); 
• Comply with a legal or regulatory obligation;
• Provide you with access to our site and manage this access;
• To administer and protect our website (e.g., troubleshooting, system maintenance etc.);

We will only use your data where the UK law allows us to. UK law requires us to have a “legal basis” for processing your personal data. These are:

• To perform a contract that we have entered or will enter into with you;
• To comply with a legal or regulatory obligation;
• Where it is necessary for our legitimate business interests (and where we believe your interests and fundamental rights do not override these).  

What are your data security measures?

We securely store your data on servers that are GDPR-compliant. All relevant electronic equipment and files are encrypted or password-protected. We will keep your personal data for a maximum of seven years after the last date of service from us, unless data is legitimately required by us, such as for providing you with the marketing of our services (with your consent). After this period, all data will be securely destroyed. 

Whilst every effort is made to ensure maximal security, please be aware that online communication is never guaranteed to be 100% secure (there is always the possibility of hackers, for example) and as such it is your decision as to how much you wish to share of your personal information via these formats.

Therapy notes and virtual sessions

Therapist's are required by their regulatory body to keep appropriate records of their work (session notes). To fulfil this, we keep minimal session notes which are anonymized, kept separately from any identifying data and secured to minimize the possibility of any data breach. The lawful basis for processing these notes is that it is for the provision of health treatment (in this case counselling) and necessary for a ‘contract’ with a health professional (in this case, a contract between the therapist and you). 

What are your data rights?

You have a right to ask for your personal information to be deleted, to limit how it is used, or to stop the processing of it. You also have a right to ask for a copy of any information that is held about you and to object to the use of your personal data in some circumstances.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: info@mindbalm.co.uk.

Use by children

Our website and services are designed for adults. Therefore, our online services that collect personal data should not be accessed by individuals under the age of 18. We request that individuals under the age of 18 do not provide any personal data to us. If we discover that an individual under this age has provided data to us, we will delete the child’s personal data that is in our possession.

Privacy policies of other websites

This website may contain links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

How to contact us?

You can contact us about data protection issues by emailing info@mindbalm.co.uk.

Last reviewed: October 2023