Privacy Policy

Last updated: May 2026

1. Who We Are

Chalice Psychotherapy (“we”, “us”, “our”) is the data controller responsible for your personal data.

Contact details:
Email: elena@chalicepsychotherapy.co.uk
Phone: 0800 099 6433
Address: Suite 1, Unit 8 Pennine Industrial Park, Valley Road, Hebden Bridge, England, HX7 7BZ

2. What Data We Collect

We may collect and process the following personal data:

  • Identity data (name)
  • Contact data (email address, phone number)
  • Health-related information (where relevant to therapy services)
  • Technical data (IP address, browser type, device data)
  • Usage data (website interactions)
  • Marketing preferences

    3. How We Collect Your Data

    We collect data through:

    • Contact forms or enquiries
    • Booking or consultation forms
    • Email or phone communication
    • Website analytics and cookies

      4. How We Use Your Data

      We use your data to:

      • Respond to enquiries
      • Provide therapy services
      • Manage bookings and communication
      • Improve our website and services
      • Send relevant updates (if you opt in

        5. Lawful Basis for Processing

        Under UK GDPR, we rely on:

        • Consent (e.g. marketing communications)
        • Contract (providing services)
        • Legal obligation (record keeping where required)
        • Legitimate interests (website improvement, service delivery)

        Health data is treated as special category data and processed with additional safeguards.

        6. How We Share Your Data

        We do not sell, rent, or trade your personal data.

        We may share your data with trusted third-party service providers who support the operation of our website and services, including:

        • Website hosting providers
        • Email and communication platforms
        • Booking or administrative systems

        These providers only process your data on our behalf and in accordance with data protection laws.

        We may also disclose personal data where required to comply with legal obligations.

        7. International Data Transfers

        Some service providers may store data outside the UK.
        Where this occurs, we ensure appropriate safeguards are in place (e.g. UK adequacy regulations or contractual protections).

        8. Data Retention

        We retain personal data only as long as necessary:

        • Enquiries: [e.g. 12 months]
        • Client records: [e.g. 6–7 years – adjust as needed]
        • Marketing data: until you unsubscribe

        9. Your Rights

        Under UK GDPR, you have the right to:

        • Access your personal data
        • Correct inaccurate data
        • Request deletion
        • Restrict or object to processing
        • Data portability
        • Withdraw consent at any time

        You also have the right to complain to the Information Commissioner’s Office (ICO).

        10. Data Protection Complaints

        If you have concerns about how your data is handled, you can contact us directly. We will acknowledge your complaint within 30 days and respond without undue delay.

        11. Cookies

        We use cookies to improve your experience and analyse website traffic.

        You can control cookie preferences through your browser or cookie banner.
        For more information, see our Cookie Policy.

        12. Data Security

        We take appropriate technical and organisational measures to protect your data from unauthorised access, loss, or misuse.

        13. Changes to This Policy

        We may update this policy from time to time. The latest version will always be available on this page.