Confidentiality & Privacy Statement

At Mend Hypnotherapy, your privacy and confidentiality are very important. This statement explains how your personal information is collected, stored, and used in line with the General Data Protection Regulation (GDPR).

How Your Data is Stored

Your information, including session notes and contact details, is kept securely:

  • Electronic Data: Stored on password-protected devices with security software. Any cloud storage used is GDPR-compliant and encrypted.

  • Paper Records: Stored securely in a private location.

How Long Your Data is Kept

  • For adults, records are kept for eight years after your last session.

  • For children under 16, records are kept until they turn 25; for 17–18 year olds, until they turn 26.

  • You can request your records be deleted at any time. If there’s no legal or ethical reason to retain them, your data will be securely deleted within 30 days.

Accessing Your Information

You have the right to request a copy of the information held about you. This will be provided in a clear and understandable format within 30 days.

Why Your Data is Collected

We collect information to:

  • Provide safe and effective hypnotherapy tailored to your needs.

  • Schedule, confirm, and remind you of appointments.

  • Maintain session records and track progress.

  • Communicate with you about your care and appointments.

  • Comply with professional and legal obligations.

  • Assess and manage potential risks to your safety or the safety of others.

We only collect and keep the data necessary for these purposes.

Confidentiality in Sessions

Your sessions are strictly confidential. Information will not be shared without your consent, except in the following circumstances:

  • Supervision: Cases may be discussed anonymously for professional development.

  • Risk of Harm: If there is a serious risk to your safety or someone else’s, or if legally required, information may be disclosed.

  • Safeguarding: Concerns about a child or vulnerable adult may be reported to the relevant authorities.

Meeting Outside of Sessions

If we meet outside a session, your confidentiality is respected. I will not initiate contact or reveal our professional relationship.

Sharing with Other Professionals

Information will only be shared with your explicit written consent and limited to what is necessary for your care. You will always be informed about what is shared and with whom.

Data Controller

The Data Controller for Mend Hypnotherapy is Sally Nicholls.
ICO registration number: ZB910270