Privacy & Data Protection Policy
Thrive Trauma Solutions– Online Therapy Services
Effective from: 1/7/2025

1. Why this policy matters

This policy explains how I handle your personal information when you use my online therapy services. It follows UK data protection laws (UK GDPR & the Data Protection Act 2018).
I am registered with the Information Commissioner’s Office (ICO), the UK’s data protection authority.

2. What information I collect

I collect and store:

• Your name, contact details, and date of birth
• Minimum therapy notes
• Emergency contact (for safety)
• Any emails or messages between us

Some of this is sensitive health data and is protected under law.

3. How I use your data

I use your data to:

• Deliver safe, personalised therapy
• Contact you about sessions
• Keep confidential session notes
• Meet legal and professional responsibilities

4. How your data is stored

• All records are stored on encrypted, password-protected systems
• Online video sessions use secure, reputable platforms
• Emails and digital messages are kept confidential

5. Who sees your data

I will never share your data unless:

• You give clear consent
• I am required to by law (e.g., risk of serious harm or a legal order)

6. How long I keep your data

I keep your records for 7 years after our final session, in line with professional guidelines, then delete them securely.

7. Your rights

You have the right to:

• See the information I hold about you
• Ask for any incorrect data to be corrected
• Ask me to delete your data (in certain cases)
• Withdraw your consent (where relevant)
• Complain to the ICO at www.ico.org.uk