Skip to content Skip to footer

Privacy Policy

Introduction to the Privacy Policy of Mind Success

Welcome to Mind Success, a dedicated hypnotherapy practice committed to supporting your journey towards mental wellness and personal growth. Our Privacy Policy is designed to inform you, our valued clients, about how we collect, use, and protect your personal information. As a sole trading entity, Paul Gibson, trading as Mind Success, recognizes the importance of your privacy and the trust you place in us when sharing your personal information.

Purpose of the Privacy Policy

The primary purpose of this Privacy Policy is to transparently outline how Mind Success collects, uses, stores, and safeguards the personal information you provide to us in the course of using our hypnotherapy services. This policy serves as a guide to help you understand your rights and our obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It is designed to ensure that we handle your personal data responsibly and in a manner that respects your privacy and promotes trust.

Our Commitment to Protecting Your Privacy

At Mind Success, we deeply value the confidentiality and integrity of the information you entrust to us. As the Data Protection Officer (DPO) and sole practitioner of Mind Success, Paul Gibson is personally committed to ensuring that your personal data is protected and handled with the utmost care and respect. We adhere strictly to the best practices in data protection and are committed to maintaining the highest standards of confidentiality.

We understand that the nature of our work involves handling sensitive personal information, particularly pertaining to your mental health and wellbeing. This realization guides our approach to data protection, where we strive to create an environment of trust and safety. We use your information solely for the purposes of providing you with personalized hypnotherapy services and improving your experience with us.

It’s important for you to know that we do not share your personal information with third parties unless it is necessary for providing our services to you, or we are legally required to do so. Even in such cases, the utmost care is taken to ensure that your data is handled securely.

Should you have any questions or concerns regarding how we handle your personal data, or if you wish to exercise any of your privacy rights, please do not hesitate to contact me, Paul Gibson, at paul@mindsuccess.co.uk. As your hypnotherapist and Data Protection Officer, I am here to assist you and ensure that your privacy is always respected.

This Privacy Policy is more than a legal requirement; it is a reflection of our commitment to maintaining a safe, confidential, and respectful environment for all our clients. We invite you to read this policy carefully and reach out with any questions or concerns.

Sincerely,

Paul Gibson Data Protection Officer Mind Success

Identity and Contact Details of the Data Controller

Data Controller:

The data controller responsible for your personal data at Mind Success is:

Paul Gibson, trading as Mind Success.

As the sole practitioner and Data Protection Officer (DPO) of Mind Success, I, Paul Gibson, am accountable for the collection, processing, and safeguarding of your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. My role as the data controller encompasses the responsibility for determining the purposes and means of processing personal data within the practice.

Contact Details:

Should you have any inquiries regarding the processing of your personal data, or wish to exercise any of your data protection rights, please contact me using the details below:

  • Name: Paul Gibson
  • Trading As: Mind Success
  • Role: Data Protection Officer and Sole Practitioner
  • Email: paul@mindsuccess.co.uk

Office Address: (Include physical address if applicable. If you operate from a specific location where clients visit, this should be listed here. If your practice operates only online or via remote sessions, you might mention this instead of a physical address.)

Phone Number: (Include a contact number if available and appropriate for client communications.)

Responsibilities as Data Controller:

In my capacity as the data controller for Mind Success, I am committed to ensuring that your personal data is processed fairly, lawfully, and transparently, without adversely affecting your rights. I will not process your personal data unless it is done under a lawful basis specified by the data protection laws, such as obtaining your explicit consent or where the processing is necessary for the provision of our hypnotherapy services.

As part of my responsibilities, I ensure that:

  • Personal data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • The data collected is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
  • All personal data is accurate and, where necessary, kept up to date.
  • Personal data is stored in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage using appropriate technical or organizational measures.

Mind Success is dedicated to upholding the highest standards of privacy and data protection. If you have any questions or need further clarification, please do not hesitate to contact me at paul@mindsuccess.co.uk. Your trust and confidence in our practice are of paramount importance to us.

Types of Information Collected by Mind Success

At Mind Success, we collect various types of personal information to provide effective hypnotherapy services and ensure the best care for our clients. Understanding the sensitive nature of this data, we handle it with the utmost confidentiality and respect. Below are the categories of personal data we collect and the specifics of each type.

Personal Identification Information

  • Name: To identify and personalize our services for each client.
  • Contact Information: This includes your email address, phone number, and possibly a postal address, which are essential for maintaining communication regarding appointments, updates, and essential information related to our services.

Health and Medical Information

  • Health History: As a hypnotherapy practice, we collect detailed health information, which may include your past and current medical history, mental health history, medications, and other health-related information. This information is crucial for tailoring our hypnotherapy sessions to your specific needs and ensuring your safety during the process.
  • Therapy Notes and Session Details: Notes taken during sessions, which may include information on your mental health, personal experiences, feelings, and progress in therapy. These are vital for monitoring your journey and adapting our approach to maximize the benefits of hypnotherapy.

Sensitive Data

Given the nature of our services, some of the data we collect is classified as sensitive:

  • Mental Health Information: Details regarding your mental health and wellbeing, including any conditions, symptoms, or concerns you have. This information is particularly sensitive and is handled with additional care and confidentiality.
  • Personal Life Details: Information that may arise in the course of therapy about your personal life, relationships, experiences, and emotions. While this data is essential for effective therapy, we recognize its highly personal nature and ensure it is treated with the highest level of discretion.

Payment Information

  • Billing Details: If you make payments for our services, we may collect payment information such as credit/debit card details or bank account information. However, this data is often processed through a secure third-party payment processor, and we ensure that the highest standards of security are maintained.

Other Data

  • Feedback and Surveys: If you participate in any surveys or provide feedback, we may collect this information to improve our services.

Use of Cookies or Similar Technologies on Our Website (if applicable)

  • If you visit our website, we may use cookies or similar technologies to improve user experience, analyze website traffic, and manage sessions. This data is typically non-personal but can include information about your device, browser, and usage patterns.

Handling of Sensitive Data

The sensitive nature of health-related information, especially in a therapeutic context, requires extra precautions. At Mind Success, we:

  • Ensure that such data is accessed only on a “need to know” basis.
  • Apply stringent security measures to protect this data from unauthorized access.
  • Obtain explicit consent for collecting and processing this type of information, clearly explaining its purpose.

Your privacy and the security of your personal information are paramount to us at Mind Success. We are dedicated to handling your data responsibly and transparently, ensuring that your journey with us is both safe and beneficial. If you have any questions or concerns regarding the information we collect, please feel free to contact us at paul@mindsuccess.co.uk.

Purpose and Legal Basis for Processing Data at Mind Success

At Mind Success, we process personal data for various purposes, all of which are integral to the efficient and effective delivery of our hypnotherapy services. Below, we outline the primary purposes for processing your personal data, along with the legal basis for each type of processing activity.

Purposes for Processing Personal Data

  1. Providing Hypnotherapy Services

    • To effectively deliver personalized hypnotherapy services, we collect and process data related to your health, mental wellbeing, and personal experiences. This information is critical for understanding your needs and tailoring our therapy to suit those needs.
  2. Appointment Scheduling and Communication

    • We use your contact information to schedule appointments, send reminders, and communicate important information related to your sessions.
  3. Billing and Payment Processing

    • For clients who pay for services, we process billing and payment information to complete transactions and maintain accurate financial records.
  4. Improving Our Services

    • Feedback and survey responses may be processed to enhance the quality and effectiveness of our hypnotherapy services.
  5. Legal Obligations

    • In some cases, we might need to process personal data to comply with legal requirements, such as regulatory obligations or to respond to lawful requests from authorities.

Legal Basis for Processing

  1. Consent

    • The primary basis for processing your personal data is your explicit consent. We ensure that consent is freely given, specific, informed, and unambiguous. You have the right to withdraw your consent at any time.
  2. Performance of a Contract

    • The processing of personal data is necessary for the performance of our services agreement. This includes activities necessary to prepare for or deliver hypnotherapy services, such as scheduling sessions or addressing specific therapeutic needs.
  3. Legitimate Interests

    • Some data processing activities are based on legitimate interests pursued by Mind Success, such as data analysis for business development and service improvement, provided that such processing does not outweigh your rights and freedoms.
  4. Legal Obligation

    • In certain circumstances, we may be legally required to process personal data to comply with legal obligations under UK law, such as maintaining financial records for tax purposes.
  5. Vital Interests

    • In rare situations, we may process data if it is necessary to protect someone’s life, which can be relevant in emergency medical situations.

Commitment to Data Protection Principles

At Mind Success, we adhere to the principles of data protection set forth by the UK GDPR, ensuring that all personal data is:

  • Processed lawfully, fairly, and transparently.
  • Collected for specified, explicit, and legitimate purposes.
  • Adequate, relevant, and limited to what is necessary.
  • Accurate and, where necessary, kept up to date.
  • Stored securely and protected against unauthorized or unlawful processing and accidental loss, destruction, or damage.

We are committed to respecting your privacy and handling your personal data with care and responsibility. If you have any questions or concerns regarding the processing of your personal data, please feel free to contact me, Paul Gibson, at paul@mindsuccess.co.uk. Your trust is vital to our practice, and we are dedicated to maintaining the highest standards of privacy and data protection.

Consent at Mind Success

Consent is a foundational element in the processing of personal data at Mind Success, particularly given the sensitive nature of the information we handle in our hypnotherapy practice. Here’s how we approach and manage consent:

Obtaining Consent

  1. Clear Communication:

    • When you first engage with our services, we provide clear, concise information about what data we need, why we need it, and how it will be used. This is typically communicated through a consent form or during an initial consultation.
  2. Informed Consent:

    • We ensure that all information necessary to make an informed decision is provided. This includes details about the specific types of data collected, the purposes of processing, any third parties with whom the data might be shared, and how long the data will be stored.
  3. Explicit Consent:

    • We obtain explicit consent from you before collecting or using your personal data. This is usually done through a written consent form, which you are asked to sign, indicating your agreement to the processing of your personal data as outlined in the form.
  4. Separate Consents:

    • For different processing activities (e.g., data collection for therapy purposes, data use for marketing), we seek separate consents to ensure clarity and to give you control over how your information is used.
  5. Digital and Paper-Based Consent:

    • Depending on your preference and our operational procedures, consent can be obtained either digitally (via email or an online form) or through a paper-based form during your visit to our practice.

Right to Withdraw Consent

  1. Easy Withdrawal Process:

    • You have the right to withdraw your consent at any time. We have made the withdrawal process straightforward and accessible. If you wish to withdraw your consent, you can do so by contacting us directly at paul@mindsuccess.co.uk.
  2. No Detrimental Effects:

    • Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
  3. Communication of Withdrawal:

    • Upon receiving your request to withdraw consent, we will promptly cease processing your data for the purposes you originally agreed to, unless we have another legal basis for continuing such processing. We will also confirm the cessation of processing with you.
  4. Continued Service Provision:

    • We strive to ensure that your decision to withdraw consent does not adversely affect your access to our hypnotherapy services. However, it may limit our ability to provide certain personalized aspects of our service that rely on the processing of specific data.

Record-Keeping

  • We maintain records of consent and withdrawals of consent as part of our commitment to compliance with data protection regulations.

At Mind Success, we value and respect your privacy choices. We are committed to ensuring that the consent process is transparent, informed, and respects your autonomy. Should you have any questions or concerns regarding the consent process, or if you wish to discuss your consent choices, please do not hesitate to contact me, Paul Gibson, at paul@mindsuccess.co.uk. We are here to support you and ensure that your experience with our practice aligns with your expectations and comfort regarding the use of your personal data.

Data Recipients at Mind Success

In the course of providing hypnotherapy services at Mind Success, certain personal data collected from our clients may be shared with specific recipients. It is important to emphasize that any sharing of data is conducted with utmost discretion and always in compliance with data protection laws. Below are the categories of recipients who may receive your data:

Internal Data Recipients

  1. Sole Practitioner (Paul Gibson):

    • As the sole practitioner and Data Protection Officer at Mind Success, I, Paul Gibson, am the primary recipient of the personal data. This access is essential for delivering personalized hypnotherapy services, managing client relationships, and ensuring the wellbeing of clients.
  2. Administrative Personnel (if applicable):

    • If Mind Success employs administrative staff or assistants, they may have access to certain data, such as contact information, for the purpose of scheduling appointments and managing client records. These individuals are trained in data protection and confidentiality.

External Data Recipients

  1. Third-Party Service Providers:

    • Certain third-party service providers, such as billing and payment processing companies, may have access to limited personal data (e.g., payment information) as necessary for performing their services.
  2. IT and Cloud Service Providers:

    • Providers of IT and cloud services may have access to data as part of their role in hosting and maintaining databases or software used by Mind Success. This can include data storage and management services.
  3. Professional Consultants (if applicable):

    • In some cases, professional consultants such as legal advisors, accountants, or business consultants may access certain data in the course of providing their services to Mind Success. This access would be limited to the data necessary for the purpose of their consultation.
  4. Regulatory Authorities and Law Enforcement (if required):

    • In certain circumstances, we may be legally obligated to share data with regulatory authorities, law enforcement, or other government entities. Such sharing would occur only to the extent required by law.

Compliance with Data Protection Laws

  • All third-party service providers engaged by Mind Success are carefully selected and contractually bound to comply with data protection laws. This includes obligations to keep your personal data secure and to process it only as instructed by Mind Success.

  • We ensure that any data transfer, especially to recipients outside the UK, is conducted in compliance with the UK GDPR and other relevant data protection regulations. Appropriate safeguards are put in place to protect your data in such instances.

  • Regular audits and reviews are conducted to ensure that all data recipients maintain the highest standards of data protection and privacy as set forth by Mind Success and under the law.

At Mind Success, we are committed to maintaining the confidentiality and integrity of your personal data. We take our responsibility seriously in selecting and monitoring data recipients to ensure they meet our high standards for data protection. If you have any questions about the recipients of your data or our data-sharing practices, please feel free to contact me, Paul Gibson, at paul@mindsuccess.co.uk. Your trust is paramount, and we are dedicated to upholding that trust through careful and compliant data management practices.

Data Retention at Mind Success

At Mind Success, we adhere to principles of data minimization and storage limitation, ensuring that personal data is not kept longer than necessary for the purposes for which it is processed. Our data retention policy reflects a balance between the need to provide ongoing hypnotherapy services and our commitment to respecting your privacy by not retaining data indefinitely. Here’s how we determine the data retention period:

Retention Period

  1. Client Data:

    • Personal data collected for the provision of hypnotherapy services is retained for a standard period of [Specify Period, e.g., 5 years] following the end of your last therapy session. This period is based on the need to access historical information for the potential provision of future services, and to comply with professional guidelines for record-keeping in therapeutic practices.
  2. Financial Records:

    • Data related to financial transactions, such as billing and payments, is retained for a minimum of [Specify Period, e.g., 6 years], in accordance with legal obligations for tax and accounting purposes.
  3. Health and Medical Information:

    • Due to the sensitive nature of health and medical information, this data is retained in line with the standards set by relevant health regulatory bodies and professional ethical guidelines. This typically aligns with the general client data retention period but may be subject to specific legal requirements.
  4. Consent Records:

    • Records of consent for data processing are retained for as long as the data to which they relate is held, plus an additional period to cover any potential disputes or queries regarding the consent given.

Criteria for Determining Retention Period

  1. Purpose of Data Collection:

    • The retention period is largely determined by the purpose for which the data was collected. For example, therapy session notes are kept for the duration necessary to provide ongoing care and support.
  2. Legal and Regulatory Requirements:

    • Certain laws and regulations dictate the minimum period for which different types of data must be retained, particularly financial and health-related data.
  3. Client Care and Continuity:

    • Retention periods consider the need for continuity of care. Access to historical data can be crucial for effective ongoing or future therapy.
  4. Security and Privacy Considerations:

    • We balance the need to retain data with the obligation to ensure data privacy and security. Data that is no longer needed is securely deleted or anonymized.

Post-Retention Disposal

  • Upon reaching the end of the retention period, personal data is securely and permanently deleted or anonymized, so it can no longer be associated with an individual.

Review and Updates

  • Our data retention policies are regularly reviewed and updated to ensure compliance with current legal obligations and best practices.

At Mind Success, we understand the importance of handling your personal data with care throughout its lifecycle, from collection to eventual disposal. If you have any questions about our data retention policy or how long your data will be stored, please feel free to contact me, Paul Gibson, at paul@mindsuccess.co.uk. We are committed to transparency and respect for your privacy in every aspect of our data management practices.

Client Rights at Mind Success

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, clients of Mind Success have specific rights regarding their personal data. These rights are a fundamental aspect of our commitment to data protection and privacy. Below, we outline these rights and explain how clients can exercise them:

1. Right to Access

  • Description: You have the right to access your personal data that Mind Success holds. This includes the right to be informed about how your data is being used, what data is being processed, and why.
  • How to Exercise: To request access to your data, please contact Paul Gibson at paul@mindsuccess.co.uk. We will provide a response within one month of receiving the request.

2. Right to Rectification

  • Description: If any personal data we hold about you is incorrect or incomplete, you have the right to ask us to correct or complete it.
  • How to Exercise: Contact us with the details of the data in question and the corrections required. We will take steps to make the necessary amendments without undue delay.

3. Right to Erasure (‘Right to be Forgotten’)

  • Description: In certain circumstances, you can request the deletion or removal of personal data where there is no compelling reason for its continued processing.
  • How to Exercise: Send a request to paul@mindsuccess.co.uk specifying which data you wish to be erased. We will assess the request and respond appropriately.

4. Right to Restrict Processing

  • Description: You have the right to ‘block’ or suppress the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or object to processing.
  • How to Exercise: Inform us of your desire to restrict processing, specifying the data affected and the reason for the restriction.

5. Right to Data Portability

  • Description: This right allows you to obtain and reuse your personal data for your own purposes across different services, where the processing is based on consent or a contract, and is carried out by automated means.
  • How to Exercise: Contact us with a request for data portability, and we will provide the data in a structured, commonly used, and machine-readable format.

6. Right to Object

  • Description: You have the right to object to the processing of your personal data based on legitimate interests, direct marketing, and processing for research and statistical purposes.
  • How to Exercise: Notify us of your objection, and we will review the processing activities to which you are objecting and respond accordingly.

7. Rights in Relation to Automated Decision Making and Profiling

  • Description: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
  • How to Exercise: Mind Success does not typically engage in such activities, but if this changes, you will be informed, and you can then exercise your rights as needed.

Exercising Your Rights

  • Contact Information: To exercise any of these rights, please contact Paul Gibson, the Data Protection Officer, at paul@mindsuccess.co.uk. We will respond to your request in accordance with the GDPR guidelines.

  • No Fee Usually Required: You will not have to pay a fee to access your personal data or to exercise any other right. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

  • Time Limit to Respond: We try to respond to all legitimate requests within one month. Occasionally, it may take us longer if your request is particularly complex or you have made a number of requests.

At Mind Success, we are committed to upholding your rights and ensuring you have full control over your personal data. If you have any questions about your rights or how to exercise them, do not hesitate to get in touch. We are here to assist you and ensure your data protection rights are fully respected.

Data Security at Mind Success

At Mind Success, we take the security of your personal data very seriously. We understand the sensitive nature of the information we handle, especially in the context of hypnotherapy services. To protect your data from unauthorized access, disclosure, alteration, and destruction, we have implemented a range of security measures:

Physical Security Measures

  1. Secure Storage: Physical documents containing personal data are stored in locked cabinets with restricted access.
  2. Controlled Access: Access to our premises is controlled and monitored to prevent unauthorized entry.

Digital Security Measures

  1. Data Encryption: Personal data stored digitally is encrypted to protect it during both storage and transmission.
  2. Secure Networks: We use secure, encrypted network connections to protect data from interception during electronic communications.
  3. Access Control: Access to digital records is restricted through the use of passwords and user authentication. Only authorized personnel have access to personal data, and their access is limited to what is necessary for their role.
  4. Regular Software Updates: We regularly update our software, including security and antivirus programs, to protect against the latest threats and vulnerabilities.

Organizational Measures

  1. Data Protection Training: All staff at Mind Success are trained in data protection and understand their responsibilities in keeping your data secure.
  2. Confidentiality Agreements: Staff members are bound by confidentiality agreements that cover the handling of personal data.
  3. Policy and Procedure Reviews: We regularly review our data protection policies and procedures to ensure they meet current best practices and legal requirements.

Data Breach Procedures

  1. Breach Detection and Response: We have procedures in place to detect and respond to data breaches. In the event of a data breach, we will act swiftly to investigate the breach, mitigate its impact, and take appropriate action.
  2. Notification: Should a data breach occur that poses a risk to your rights and freedoms, we will notify you and the relevant authorities as required by law.

Continuous Improvement

  • We are committed to continuously improving our data security measures. We regularly assess our security practices and update them as necessary to address new challenges and risks.

Partnership with Clients

  • We also encourage our clients to take an active role in protecting their personal data. This includes using secure communication methods when sending us personal information and notifying us immediately if they suspect any misuse of their data.

At Mind Success, the security of your personal data is paramount. We are dedicated to implementing and maintaining robust data security measures to ensure the confidentiality, integrity, and availability of your data. If you have any questions about our data security practices or how we protect your personal data, please do not hesitate to contact me, Paul Gibson, at paul@mindsuccess.co.uk. Your trust and confidence in our ability to safeguard your data are of the utmost importance to us.

International Data Transfers at Mind Success

Mind Success is primarily focused on serving clients within the UK. However, in certain situations, there may be a need to transfer personal data outside the United Kingdom. Below is an outline of our approach to international data transfers, including the scenarios in which they might occur and the safeguards we have in place to protect your data.

Circumstances of International Data Transfers

  1. Use of Cloud Services:

    • We may utilize cloud-based services for data storage or management, which might have servers located outside the UK. Such services could include email, document storage, or appointment scheduling tools.
  2. Collaboration with International Partners:

    • If there is a need to collaborate with international partners or consultants for enhancing our services or for professional development purposes, some data transfer might be necessary.
  3. Client Relocation or Travel:

    • If a client relocates or travels outside the UK but continues to use our services remotely, some degree of data transfer may be involved in maintaining our service provision.

Safeguards for International Data Transfers

  1. Compliance with UK GDPR Standards:

    • Any transfer of personal data outside the UK is done in compliance with the standards and requirements of the UK General Data Protection Regulation (UK GDPR). We ensure that the data protection laws in the recipient country offer an equivalent level of protection.
  2. Adequacy Decisions:

    • Where possible, we transfer data to countries that have been deemed to provide an adequate level of data protection by the UK authorities. This simplifies the process and provides a high level of data security.
  3. Standard Contractual Clauses (SCCs):

    • For countries without an adequacy decision, we use Standard Contractual Clauses approved by the UK authorities as a means to ensure that the data is adequately protected.
  4. Data Processing Agreements:

    • We enter into Data Processing Agreements (DPAs) with all third-party service providers involved in the processing of personal data, which include clauses specific to the protection of data in the context of international transfers.
  5. Client Consent:

    • In cases where international data transfers are based on client-specific situations (like relocation or travel), we ensure to obtain explicit consent from the client after informing them about the potential risks associated with such transfers.
  6. Data Minimization and Encryption:

    • We adhere to the principle of data minimization, ensuring only necessary data is transferred internationally, and employ encryption and other security measures to protect the data during transfer.

Regular Review and Monitoring

  • We regularly review our practices regarding international data transfers to ensure continued compliance with data protection laws and to adapt to any changes in the legal landscape.

At Mind Success, the protection of your personal data is our priority, regardless of where the data is processed or stored. We are committed to implementing appropriate safeguards to ensure the security and privacy of your data during any international transfer. Should you have any questions or require further information about our practices in this regard, please do not hesitate to contact me, Paul Gibson, at paul@mindsuccess.co.uk. Your peace of mind and the confidentiality of your personal information are paramount in all our data handling processes.

Automated Decision Making and Profiling at Mind Success

At Mind Success, we prioritize personal interaction and individualized care in our hypnotherapy services. As such, we want to be transparent about our use of automated decision making and profiling:

Use of Automated Decision Making and Profiling

  1. Current Practices:

    • As of now, Mind Success does not use automated decision-making processes or profiling in our services. All decisions that affect our clients are made with human involvement, ensuring a personalized and thoughtful approach to each individual’s care and treatment.
  2. Potential Future Use:

    • Should we consider incorporating automated decision-making tools or profiling techniques in the future to improve our services, clients will be informed promptly. Any such future use will be in compliance with the UK General Data Protection Regulation (UK GDPR) and will be implemented with the necessary safeguards to protect clients’ rights and freedoms.
  3. Commitment to Transparency:

    • In any scenario where automated decision making or profiling might be used, we commit to being fully transparent with our clients. We will provide detailed information about the logic involved, as well as the significance and the envisaged consequences of such processing for the client.
  4. Client Consent:

    • If at any point automated decision-making or profiling is used in a way that significantly affects clients, explicit consent will be obtained. Clients will always have the right to opt-out and seek human intervention in any decision-making process.
  5. Impact Assessment:

    • Prior to implementing any form of automated decision-making or profiling, we will conduct a thorough impact assessment to evaluate the effects on client privacy and to ensure compliance with data protection laws.

Client Rights Related to Automated Decision Making

  • Right to Information: Clients have the right to be informed about the use of any automated decision-making, including profiling.
  • Right to Human Intervention: Clients have the right to request human intervention, to express their point of view, and to contest decisions made solely based on automated processing.

At Mind Success, our focus remains on personalized care and the therapeutic relationship. We value the importance of human judgment and the nuanced understanding of each client’s unique needs and circumstances. Should you have any questions or concerns about the potential use of automated decision making or profiling in our practice, please feel free to contact me, Paul Gibson, at paul@mindsuccess.co.uk. We are committed to maintaining an open, transparent, and ethical approach in all our data processing activities.

Updates to the Privacy Policy at Mind Success

At Mind Success, we understand that privacy practices and legal requirements can evolve over time. To ensure our practices remain up-to-date and compliant with current laws and regulations, our Privacy Policy may undergo periodic revisions. Here’s how we manage updates to our Privacy Policy:

Frequency and Timing of Updates

  1. Regular Reviews:

    • Our Privacy Policy is reviewed regularly, at least annually, to ensure it accurately reflects our current practices and complies with legal and regulatory changes.
  2. As-needed Basis:

    • Updates may also occur more frequently if there are significant changes in our data processing practices, changes in data protection laws, or following any significant business changes or developments.

Notification of Changes

  1. Direct Communication:

    • When significant changes are made to the Privacy Policy, we will inform our clients directly. This communication could be through email, a notice on our website, or during an in-person session, depending on the nature of our interaction with the client.
  2. Accessibility of the Updated Policy:

    • The most current version of the Privacy Policy will always be accessible on our website. Clients can review the policy at any time to stay informed about how their personal data is being handled.
  3. Highlighting Key Changes:

    • In our communications and on our website, we will highlight key changes to make it easier for clients to understand the implications of these updates.

Client’s Acknowledgement

  • In some cases, especially where changes in the policy might affect the manner in which we process clients’ personal data, we may seek an acknowledgement or re-consent from the clients, ensuring they are fully aware and agreeable to the new terms.

Record Keeping

  • We maintain records of all versions of our Privacy Policy, tracking the changes made over time. This is part of our commitment to transparency and accountability in data protection practices.

Client Engagement

  • We value client feedback on our Privacy Policy and practices. Clients are encouraged to contact us with any questions, concerns, or suggestions regarding our Privacy Policy.

At Mind Success, we are committed to maintaining the highest standards of privacy and data protection. Keeping our Privacy Policy up-to-date and ensuring our clients are informed and comfortable with these updates is a key part of this commitment. Should you have any questions about our Privacy Policy or its updates, please do not hesitate to contact me, Paul Gibson, at paul@mindsuccess.co.uk. We are here to ensure that your privacy is always respected and protected.

Contact Information for Privacy-Related Inquiries at Mind Success

For any questions, concerns, or inquiries related to your privacy and the handling of your personal data at Mind Success, please feel free to reach out using the following contact details. As the Data Protection Officer and sole practitioner, I, Paul Gibson, am available to address any of your data protection needs:

Paul Gibson – Data Protection Officer and Sole Practitioner

  • Trading As: Mind Success
  • Email: paul@mindsuccess.co.uk
  • Office Address: St Georges Works. 51 Colegate, Norwich, Norfolk. NR3 1DD

Availability

  • I am available during standard business hours, and I strive to respond to all inquiries as promptly as possible. Please feel free to contact me via email or phone, whichever is most convenient for you.

Alternative Contact Methods

  • If you prefer a face-to-face discussion regarding your data privacy concerns, you are welcome to schedule an appointment to meet at our office. Please contact me in advance to arrange a suitable time.

Scope of Inquiries

  • You can contact me for a range of privacy-related matters, including:
    • Questions about how your personal data is being used.
    • Requests to access, rectify, erase, or restrict the processing of your data.
    • Concerns about the security of your personal information.
    • Any other issues related to your privacy and data protection rights.

Commitment to Your Privacy

  • At Mind Success, your privacy and the security of your personal data are of utmost importance. I am committed to providing clear, transparent, and timely responses to all your data protection queries and concerns.

Feel assured that your privacy-related inquiries will be handled with the highest level of professionalism and confidentiality. Your trust in Mind Success is valued, and we are dedicated to upholding that trust through responsive and respectful communication.

Complaints and Your Rights with the Information Commissioner’s Office (ICO)

At Mind Success, we are committed to the highest standards of privacy and data protection. However, we understand that there may be occasions where you might have concerns about the way your personal data is being handled. In such instances, we encourage you to reach out to us directly so that we can address your concerns promptly and effectively. Additionally, you should be aware of your right to lodge a complaint with a supervisory authority, particularly if you feel that your concerns have not been adequately resolved by us.

Your Right to Complain to the ICO

  1. Information Commissioner’s Office (ICO):

    • If you are not satisfied with our response to your privacy concerns, or if you believe that our processing of your personal data is not in compliance with data protection law, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
    • The ICO is the UK’s independent body set up to uphold information rights and data privacy for individuals.
  2. How to Contact the ICO:

    • Website: You can find information on how to make a complaint on the ICO’s website: www.ico.org.uk.
    • Helpline: The ICO also provides a helpline you can call for advice: 0303 123 1113.
    • Postal Address: If you prefer, you can write to the ICO at the following address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
  3. Timing of Complaints:

    • It’s generally recommended to raise the issue with us first, as this often leads to a quicker resolution. However, you are entitled to contact the ICO at any stage of your complaint.

Our Commitment to Resolving Issues

  • At Mind Success, we take every concern about data privacy and protection seriously and aim to resolve any issues in a fair, timely, and respectful manner. We encourage you to discuss any issues with us first, as we are dedicated to ensuring your satisfaction and trust in our handling of your personal data.

Remember, your privacy and the security of your information are paramount to us, and we are here to help with any concerns you may have. If you have any issues or questions, please do not hesitate to contact me, Paul Gibson, at paul@mindsuccess.co.uk. We are committed to working with you to resolve any issues and maintain the trust you place in our practice.

Have Questions? Get in Touch!

Office

Face to Face:
Norwich, Norfolk
Online via Zoom:
International

paul@mindsuccess.co.uk

+44 7795 023768

Newsletter

Mind Success is a trading name of Mind Success Therapies © 2024. All Rights Reserved. Privacy Policy

Our site uses cookies. Learn more about our use of cookies: cookie policy