Privacy Policy

At Strategic Minds Online Brief Therapy, we are committed to protecting your privacy and ensuring that your personal information is handled safely and securely. This Privacy Policy outlines how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

 

1.Information We Collect

We collect and process the following personal information:

  • Personal Details: Name, date of birth, contact details (email, phone number, address, if applicable).

  • Health Information: Any information you provide related to your mental health, medical history, and therapy sessions.

  • Payment Information: If you are a private client, we may collect billing details for invoicing purposes.

  • Technical Data: IP address, browser type, and other online identifiers when you visit our website.

2. How We Use Your Information

Your personal data is used for the following purposes:

  • To provide and manage therapy services.

  • To schedule and conduct online therapy sessions.

  • To communicate with you about appointments and treatment.

  • To maintain clinical records as required by law.

  • To process payments and manage invoices.

  • To ensure compliance with legal and professional obligations

3. How We Store and Protect Your Data

  • All electronic records are securely stored in compliance with GDPR regulations.

  • Access to your data is restricted to authorized personnel only.

  • Secure encryption is used for online communications and storage.

  • We retain your records for a period required by professional and legal standards, after which they are securely deleted.

 4. Use of AI Assistant (Heidi)

    • We use Heidi, a secure AI assistant designed for mental health professionals, to support with administrative and clinical documentation tasks—such as structuring session notes, generating treatment summaries, and organising clinical reflections. Heidi is used exclusively by the clinician and operates within a GDPR-compliant framework.

    • To protect client confidentiality, any information processed via Heidi is anonymised or de-identified before entry, and no identifiable client data is stored by the system. Heidi does not retain information beyond the duration of each task and does not use data for training, profiling, or marketing.

    • Use of Heidi is limited to enhancing clinical workflow and is always in line with professional ethical standards. If you have questions about this process or wish to opt out of its use in your care, please get in touch.

    • If you’d like to know more about Heidi’s privacy policy, you can find it here: https://www.heidihealth.com/uk/legal/privacy-policy

 5. Direct Debit via GoCardless:

    • Clients may be asked to set up a direct debit through GoCardless as a precautionary measure, to be used only in the event of non-payment or breach of the cancellation policy.

    • Your bank details are handled securely by GoCardless and are not stored by me.

    • I will not use this method unless necessary under the above circumstances.

    • Your details will be deleted from my GoCardless account once therapy is completed.

    • If you’d like to know more about how GoCardless handles and stores your data, you can find more information here: https://gocardless.com/privacy/

6. Sharing Your Information with Third Parties

We only share your information in the following circumstances:

  • With Your Consent: If you request or authorise sharing information with another healthcare provider.

  • Legal and Regulatory Compliance: If required by law, regulatory bodies, or professional standards.

  • Payment Processing: If using third-party payment services, necessary billing details may be processed securely.

  • Technology Providers: If using a secure online therapy platform, video conferencing, or scheduling system, these platforms may process your data securely.

We do not sell or share your data for marketing purposes.

7. Your Rights Under GDPR

Under the GDPR, you have the right to:

  • Access your personal data.

  • Request corrections to inaccurate or incomplete data.

  • Request deletion of your data (subject to legal and ethical record-keeping requirements).

  • Restrict processing of your data.

  • Withdraw consent for processing where applicable.

  • Request data portability.

If you wish to exercise any of these rights, please contact us at susana@strategic-minds.co.uk

8. Use of Cookies and Online Tracking

Our website may use cookies to improve your browsing experience. You can manage your cookie preferences through your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website, and we encourage you to review it periodically.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Strategic Minds Online Brief Therapy

This Privacy Policy ensures that your personal information is handled responsibly and in compliance with applicable privacy laws

Last update: 01.05.25