GDPR Privacy Policy

At Safe Path Therapy, we are committed to safeguarding and preserving the privacy of our clients, visitors, and users of our website. This privacy policy outlines how we collect, use, store, and protect personal data in compliance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) in the UK.

Please read this policy carefully to understand how your personal information is handled. By using our website or accessing our services, you consent to the practices described in this policy.

1. Information We Collect

We collect and process personal data to provide psychotherapy services, manage bookings, and improve the user experience. The types of personal data we may collect include:

• Contact Information: Name, email address, phone number, and postal address.

• Health Information: Any medical or psychological information necessary for providing therapeutic services.

• Communication Data: Any correspondence between you and Safe Path Therapy via email, forms on the website, or other communication methods.

• Payment Information: If applicable, payment details related to services provided.

• Online Activity: IP addresses, browser type, location data, and usage patterns when visiting our website (through cookies or analytics tools).

2. Legal Basis for Processing Your Data

We will only process your personal data when we have a lawful basis to do so. Under GDPR, the lawful bases we rely on for processing your personal data are:

• Consent: We may rely on your explicit consent to process sensitive health-related data, including during the consultation process.

• Contractual Necessity: The processing of your data is necessary to provide you with our psychotherapy services, including making appointments and processing payments.

• Legitimate Interests: We may process some data where it is in our legitimate interest to do so, such as for business purposes like improving our services or preventing fraud.

• Legal Obligation: We may process data when required to do so by law, such as compliance with health and safety regulations or for reporting certain data to regulatory authorities.

3. How We Use Your Information

We use the personal data we collect in the following ways:

• To Provide Services: To schedule consultations, provide psychotherapy, and manage ongoing therapy sessions.

• To Communicate: To contact you about appointments, send reminders, or provide relevant information related to therapy services.

• To Process Payments: To handle payments for services provided, including invoicing and billing.

• For Legal and Regulatory Compliance: To comply with legal obligations, including record-keeping requirements in the context of healthcare.

• To Improve Services: To evaluate and improve our website, user experience, and overall service delivery.

4. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy or as required by law. Specific retention periods include:

• Health and Treatment Records: We will retain therapy-related records for a minimum of 7 years, in accordance with UK healthcare regulations.

• Communication Data: Emails and other correspondence will be retained for a period of time to allow us to respond to inquiries and manage bookings. This may vary depending on the nature of the communication.

After the retention period expires, we will securely delete or anonymize your personal data, unless we are required by law to retain it for longer.

5. Sharing Your Information

We do not sell or trade your personal data to third parties. However, we may share your data with trusted third parties in the following situations:

• Healthcare Providers: If necessary, we may share your health-related information with other healthcare providers if you have given your consent, or if required for your care.

• Payment Processors: To process payments for services provided, we may share payment details with third-party payment processors.

• Service Providers: We may share data with trusted service providers, such as website hosting or email marketing platforms, who assist in managing our business. These providers are required to comply with GDPR standards.

• Legal Requirements: We may disclose personal data if required by law, such as complying with legal obligations, responding to court orders, or investigating fraudulent activity.

6. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

• Right to Access: You have the right to request copies of your personal data.

• Right to Rectification: You have the right to request that we correct any inaccuracies in your personal data.

• Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data, subject to certain conditions.

• Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances.

• Right to Data Portability: You have the right to request that we transfer your data to another organization in a structured, commonly used, and machine-readable format.

• Right to Object: You have the right to object to the processing of your data based on legitimate interests or for direct marketing purposes.

• Right to Withdraw Consent: If we rely on your consent to process personal data, you may withdraw your consent at any time.

If you wish to exercise any of these rights, please contact us using the details below.

7. Security of Your Data

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction. These measures include encryption, secure storage, and access control.

However, no method of transmission over the internet is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

8. Cookies and Tracking Technologies

We may use cookies and similar technologies to enhance your experience on our website. Cookies are small files stored on your device that help us analyze website traffic, improve our services, and remember your preferences. You can control the use of cookies through your browser settings.

9. International Transfers of Data

If we transfer your personal data outside of the UK or the European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your privacy rights in compliance with GDPR.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. Any changes will be posted on this page with an updated "Effective Date." We encourage you to review this policy periodically.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us:

Safe Path Therapy

Address:6 Holden Gardens, Stapleford Nottingham

Phone Number: 07904060528

Email: safepaththerapy@aol.com