1. Introduction

Sabi Chahal Therapy ("we," "us," or "our") is dedicated to protecting your privacy. This Privacy Policy explains how we collect, use, and look after your personal information when you visit our website, www.sabichahal.com, and when you engage with our therapy services. It also explains your rights under the General Data Protection Regulation (GDPR).

2. Who is the Data Controller?

The data controller responsible for your personal information is Sabi Chahal.

3. Types of Personal Data We Collect

We may collect and process the following types of information:

Contact Information: Such as your name, email address, phone number, and address.

Health Information: Any details you provide about your mental health, medical history, or other health-related matters.

Appointment Details: Information such as appointment dates, session notes, and payment records.

Website Use Information: Data like your IP address, browser type, and which pages you visit.

4. How We Use Your Personal Data

Your information may be used for the following purposes:

Therapy Services: To understand your needs and provide effective support.

Communication: To keep you updated on appointments and relevant information.

Billing and Administration: To manage payments and other administrative tasks.

Improving the Website: To understand how visitors use the site and make improvements.

Legal Compliance: To meet any legal or regulatory requirements.

5. Legal Grounds for Processing

We process your information based on:

Consent: When you’ve given permission for specific purposes.

Contractual Necessity: To fulfill our agreement to provide therapy services.

Legal Requirements: When we need to meet legal obligations.

Legitimate Interests: To support our practice’s functions, as long as this doesn’t interfere with your rights.

6. Sharing Your Information

We won’t share your personal data with third parties, except in these cases:

With Your Permission: When you have given consent for specific sharing.

Service Providers: Trusted third-party providers who help us manage our practice (e.g., billing).

Legal Obligations: When required by law or to protect your wellbeing or that of another person.

7. Data Retention

We keep your personal information only for as long as needed to fulfill the purposes outlined, in line with professional standards and legal requirements.

8. Your Rights

Under GDPR, you have rights over your personal information, including:

Access: You can request to see a copy of your information.

Correction: You can ask for any inaccurate or incomplete information to be corrected.

Deletion: You can request the deletion of information when it’s no longer needed.

Restriction: You can ask us to limit how we use your information in certain cases.

Objection: You can object to processing based on legitimate interests.

To exercise any of these rights, please contact us via the email provided on our Agreements form.

9. How We Protect Your Data

We use measures to keep your personal data secure and to prevent unauthorised access, changes, or disclosure.

10. Updates to This Privacy Policy

We may update this Privacy Policy as needed. Any changes will be posted on this page, and significant updates may be sent to you by email.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please reach out via the contact details on our website.

12. Governing Law

This Privacy Policy, and any dispute or claim arising out of or in connection with it, shall be governed by and construed in accordance with the laws of England and Wales.