top of page

The Therapy Programme –  Privacy Policy

​

Effective date: 01/12/2025

​

The Therapy Programme (“we”, “us”, or “our”) is committed to protecting your privacy and safeguarding your personal data.

These Privacy Notices explain how we process personal data collected through this website and reflect the legal requirements of the UK GDPR and Data Protection Act 2018.

Please note: Separate and more detailed Privacy Notices apply when you use The Therapy Programme’s therapy services or digital products. Those notices are available directly within the relevant service or platform.

The Therapy Programme acts as the data controller for the personal data collected via this site. If you have any questions, you can contact us at info@thetherapyprogramme.co.uk

This Notice explains what information we collect, how we use it, when we share it, how we keep it secure, and your rights as a data subject.

​

1. Information We Collect

Information you provide directly

If you are invited to complete a form on our site (for example, via a link shared in a letter or email), the information collected will depend on the form’s purpose. It may include:

  • Email address

  • Date of birth

  • Postcode

  • ​

Information collected automatically

When you access or interact with this website, we may automatically collect:

  • A unique system reference number

​

2. How We Use Your Information

We process the information collected through this site in order to:

  • Respond to requests submitted via online forms

  • Set up or manage your account if applicable

  • Provide information you have asked for

  • Contact you for further details if required

  • Record and evidence your consent (where this applies)

  • Identify needs that help us improve or develop services

Legal basis for processing

Under the UK GDPR, we process your data based on:

  • Article 6(1)(a) – Consent, where you voluntarily provide information

  • Article 6(1)(b) – Contract, where processing is necessary to provide a service or take steps at your request

 

3. Sharing Your Information

We take care to ensure that your information is only accessed by people who need it and who are authorised to do so.

  • Any staff member handling your information is subject to confidentiality obligations.

  • We will not share information that identifies you with third parties unless:

    • you have given explicit permission, or

    • we are legally required to do so.

If our organisation undergoes restructuring or if all or part of the business is acquired by another entity, your personal information may be transferred to that organisation as part of the process.

We may also share anonymised or aggregated information, which does not identify you, for lawful and analytical purposes.

 

4. How We Protect Your Personal Data

We implement a range of security measures to safeguard your data, including:

  • Technical, physical, and procedural security controls

  • Restricted access to personal data

  • Confidentiality obligations for authorised personnel

  • Processes for detecting and reporting security incidents

We maintain the recognised security certification Cyber Essentials Plus to support robust data protection.

 

5. How We Store Your Data

We work with a small number of trusted Software-as-a-Service (SaaS) providers to store and manage the data collected via this website.
Each provider is assessed to ensure they meet strong data protection and security standards.

Data retention

We retain data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations.
When data is no longer needed, it will be securely deleted.

 

6. Transferring Data Outside the UK

Where possible, we avoid transferring personal data to countries without adequate data protection standards.

Where transfers are necessary, we use one of the following safeguards:

  • Standard Contractual Clauses

  • Binding Corporate Rules

  • Your explicit consent

  • Other legitimate mechanisms recognised under data protection law

This ensures that your personal data continues to be protected to UK GDPR standards.

 

7. Your Data Protection Rights

Under data protection law, you may have the following rights:

  • Right to be informed – to know how your data is used

  • Right of access – to request a copy of your information

  • Right to rectification – to correct inaccurate or incomplete data

  • Right to erasure – to request deletion of your data in specific circumstances

  • Right to restrict processing – to limit how your data is used

  • Right to data portability – to receive or transfer your data to another provider

  • Right to object – to certain uses of your data

These rights may be subject to legal limitations.

 

8. Cookies

Cookies are small files stored on your device to support website functionality and enhance your experience.

  • Essential cookies (for functionality, security, and accessibility) cannot be turned off.

  • You can manage preferences for analytics or targeting cookies using our cookie banner.

  • Optional cookies rely on your consent.

You may also manage cookies through your browser settings. Please note that blocking cookies may affect functionality.

For further detail, please refer to our Cookies Policy.

 

9. Contact Us

If you have any questions or concerns about this Privacy Notice or how we handle your personal data, please contact us:  info@thetherapyprogramme.co.uk

 

10. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. Updates will be posted on this site and may also be communicated by other reasonable means.

Your continued use of the site following updates indicates your acceptance of the updated Notice.

We recommend checking this page periodically.

 

11. Keeping Your Information Up to Date

To keep your information accurate, please notify us if any personal details change during your relationship with us.

 

12. External Links

Our website may contain links to third-party websites. These sites have their own privacy policies, and we are not responsible for how they handle personal data.

​

We encourage you to review their policies before providing any information.

bottom of page