Privacy Policy
Introduction
Your privacy is very important to us at Yc Thérapies Ltd, and you can be confident that your personal information will be kept safe and secure and will only be used for the purpose it was given to us. We adhere to current data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
This privacy notice explains how we will process your personal information from initial point of contact through to after your therapy has ended, including:
• Why we are able to process your information and what purpose we are processing it for
• Whether you have to provide it to us
• How long we store it for
• Whether there are other recipients of your personal information
• Whether we intend to transfer it to another country
• Whether we do automated decision-making or profiling
• Your data protection rights
We are happy to discuss any questions you might have about our data protection policy. Please contact us via jean@paintherapycoaching.co.uk.
Data Controller Information
'Data controller' is the term used to describe the person/organisation that collects, stores, and has responsibility for people's personal data. In this instance, the data controller is Yc Thérapies Ltd.
We are registered with the Information Commissioner's Office, registration number ZB498995.
Our contact details:
Yc Thérapies Ltd
Suite 3 & 4, Orbital House
3 Redwood Crescent
East Kilbride
G74 5PA
Phone: 07985528839
Email: jean@paintherapycoaching.co.uk
Our Lawful Basis for Processing Your Data
The UK GDPR requires that we have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which we are processing your data:
If you are currently having therapy or if you are in contact with us to consider therapy, we will process your personal data where it is necessary for the performance of our contract.
If you have had therapy with us and it has now ended, we will use legitimate interest as our lawful basis for holding and using your personal information.
The UK GDPR also requires us to handle any sensitive personal information that you may disclose to us appropriately. This type of information is called 'special category personal information'. The lawful basis for us processing any special categories of personal information is that it is for provision of health treatment (in this case Pain Reprocessing Therapy) and necessary for a contract with a health professional (in this case, a contract between Yc Thérapies Ltd and you).
How We Use Your Information
Email Newsletter & Marketing Communications
When you sign up for our newsletter, we collect your name and email address in order to send you occasional updates, resources, offers, and insights related to chronic pain recovery, mind-body tools, and our work.
Your information is stored securely through Substack and Mailerlite and will never be shared with third parties.
You can unsubscribe at any time using the link at the bottom of any email.
Initial Contact
When you contact us with an enquiry about our services, we will collect information to help us satisfy your inquiry. This will include your name, address, contact details and information you give us about your situation.
While You Are Accessing Therapy
Rest assured that everything you discuss with our therapist(s) is confidential. That confidentiality will only be broken if:
A court order is made demanding disclosure – including coroners courts and fatal accident inquiries in Scotland
There is good cause to believe that not to disclose would cause danger of serious harm to yourself or others
We will always try to speak to you about this first, unless there are safeguarding issues that prevent this.
We keep a record of your personal details to help the therapy process run smoothly. These details are kept securely on WriteUpp and are not shared with any third party. WriteUpp is ISO27001 certified practice management software for therapists and is UK GDPR compliant. It uses two-factor authentication login and encrypted data replication across different servers to keep your information safe. We also keep written notes of each session, which are stored on WriteUpp.
Communication Tools
We may use WhatsApp as a communication tool for the purpose of providing therapy services and related administrative tasks. Please note that while WhatsApp offers convenience in communication, it is essential to understand that electronic communication may pose certain risks to privacy and confidentiality.
We take all reasonable measures to ensure the security and confidentiality of communications via WhatsApp; however, it is important to recognize that electronic messages may not be entirely secure. By engaging in communication through WhatsApp, you acknowledge and accept these inherent risks.
We recommend limiting the sharing of sensitive information through this platform and encourage you to review WhatsApp's privacy policy here: https://www.whatsapp.com/legal/privacy-policy to further understand their data handling practices.
For security reasons, we do not retain text messages for more than the duration of the therapy. If there is relevant information contained in a text message, we will copy this information into our notes on WriteUpp. Likewise, any email correspondence will be deleted after the therapy has ended if it is not important. If necessary, we will copy the information into our notes on WriteUpp.
After Therapy Has Ended
Once the support has ended, your records will be kept for 7 years from the end of our contact with each other and are then securely destroyed. If you want us to delete your information sooner than this, please inform us.
Your Rights
We try to be as open as we can in terms of giving people access to their personal information. You have a right to ask us to:
Delete your personal information
Limit how we use your personal information
Stop processing your personal information
Provide a copy of any information that we hold about you
Object to the use of your personal data in some circumstances
You can read more about your rights at ico.org.uk/your-data-matters
If we do hold information about you, we will:
Give you a description of it and where it came from
Tell you why we are holding it
Tell you how long we will store your data and how we made this decision
Tell you who it could be disclosed to
Let you have a copy of the information in an intelligible form
You can also ask us at any time to correct any mistakes there may be in the personal information we hold about you.
Making a Request or Complaint
To make a request for any personal information we may hold about you, please put the request in writing to jean@paintherapycoaching.co.uk.
If you have any complaint about how we handle your personal data, please do not hesitate to contact us using the details provided above. We welcome any suggestions for improving our data protection procedures.
If you want to make a formal complaint about the way we have processed your personal information, you can contact the Information Commissioner's Office (ICO), which is the statutory body that oversees data protection law in the UK. For more information, visit ico.org.uk/make-a-complaint.
Data Security
We take the security of the data we hold about you very seriously. As such, we take every effort to make sure it is kept secure:
All electronic data is stored on encrypted drives
Our systems are password protected with multi-factor authentication where available
We use specialized practice management software (WriteUpp) that meets healthcare data security standards
Our staff are trained in data protection requirements
We regularly review our data protection procedures
Updates to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated policy will be posted on our website, and the date of the latest revision will be indicated at the bottom of the page.
Last Updated: 09.05.2025
© 2025 Yc Thérapies Ltd. All Rights Reserved.