Privacy Policy

At Mindful Foundations, we are committed to safeguarding your privacy and protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our therapy services or interact with our practice in any manner.

 

We comply with the United Kingdom General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

 

Our practices align with the guidance set by the Information Commissioner's Office (ICO), ensuring your data is handled with the highest standards of security and confidentiality. 

 

This privacy notice provides details on the information we collect and how we manage it, from initial contact through to post-therapy procedures. Specifically, it includes:

  • The lawful basis for processing your personal information
  • The type of information we collect
  • How we use and store your data
  • Your rights regarding data protection
  • How to make a complaint

Data Controller

The term 'Data Controller' refers to the individual or organisation responsible for collecting, storing, and managing personal data. In this case, the Data Controller is Rebecca Amos for Mindful Foundations Ltd, overseeing data processed as part of their clinical work. Mindful Foundations Ltd is registered with the ICO (Registration Number: 00019862772).

 

Lawful Basis for Processing Personal Data

Under the UK GDPR, we must have a lawful basis for processing your personal data, which varies depending on the stage of engagement.

 

Information We Collect

  • Contact Information: Name, address, email, phone number, and emergency contact details.
  • Personal Information: Medical history, mental health details, and other relevant data for therapy services.
  • Payment Information: Billing details for processing service fees.
  • Communication Data: Emails, messages, and therapy session notes.
  • Website Usage Data: Device details, browser type, and IP address for analytical purposes.

The UK GDPR ensures that we handle any sensitive personal data disclosed during therapy appropriately. This data falls under ‘special category personal information’, which is processed under our lawful basis of providing health treatment through a contract between you and your therapist.

 

How We Use Your Information

The lawful bases for processing your information include:

  • Consent: You may withdraw consent at any time by contacting admin@mindfulfoundations.co.uk.
  • Contractual Obligation: Necessary for providing therapy services.
  • Legal Obligation: Compliance with regulatory requirements.
  • Vital Interest: If necessary for safeguarding purposes.
  • Legitimate Interest: Holding data post-therapy under ethical guidelines.

Your personal information is used for:

  • Therapy Services: Assessment, treatment, and ongoing support, kept private unless safeguarding concerns arise.
  • Session Notes: Confidential records of sessions, retained for clinical purposes.
  • Supervision: Anonymous case discussions within ethical guidelines.
  • Billing & Payment Processing: Secure handling of payment details.
  • Communication: Appointment reminders and therapy-related updates.
  • Quality Improvement: Assessment of service effectiveness.
  • Legal Compliance: Adherence to professional regulations.

Data Storage & Retention

Personal data is securely stored using end-to-end encryption. Records are retained for eight years post-therapy, in line with legal and ethical requirements, after which they are securely destroyed.

  • Email correspondence unrelated to therapy is deleted after six months.
  • Confidentiality may be overridden if there is a risk of harm to yourself or others or any safeguarding issues arise.

 

Your Data Protection Rights

You have the right to:

  • Access copies of your personal information.
  • Request corrections to inaccurate data.
  • Request deletion of certain data.
  • Restrict or object to data processing in specific circumstances.
  • Request transfer of data to another organisation.

Requests can be made via admin@mindfulfoundations.co.uk, and we will respond within one month. Further details on your rights can be found at ICO Your Data Matters.

 

Making a Complaint

If you have concerns about how your data is used, please contact us at admin@mindfulfoundations.co.uk with [COMPLAINT] in the subject line. You may also contact BABCP at complaints@babcp.com or via their helpline (0330 320 0851, 9am–5pm). More information can be found in our therapy contract.

 

Alternatively, complaints can be raised with the ICO at:

Information Commissioner's Office

Wycliffe House, Water Lane

Wilmslow, Cheshire, SK9 5AF

Helpline: 0303 123 1113 | Website: www.ico.org.uk

 

Policy Updates

We may revise this Privacy Policy as needed to reflect regulatory changes or service updates. The latest version will always be available on our website.

 

By using our therapy services or engaging with our practice, you agree to the terms outlined in this Privacy Policy. For any questions, please contact admin@mindfulfoundations.co.uk.

 

Last Updated: 05/11/2025

Mindful Foundations Psychotherapy Ltd

 

Logo

©Copyright 2025. All rights reserved. Mindful Foundations Psychotherapy 

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.