Privacy Policy

At Arogya CBT, your privacy is extremely important to us. This Privacy Policy explains how we collect, use, store, and protect your personal information when you receive therapy services or interact with this website. We are committed to maintaining the highest standards of confidentiality and data security, in line with the UK GDPR and the Data Protection Act (2018).

If you have any questions, please contact:

info@arogyacbt.com

1. Who We Are

Arogya CBT provides online Cognitive Behavioural Therapy services.
Throughout this policy, “we”, “us”, and “our” refer to Arogya CBT.

2. Information We Collect

We collect only the information necessary to provide safe, ethical, and effective therapy.

2.1. Personal Details

• Name

• Date of birth

• Contact information (email, phone, address)

• Emergency contact details

2.2. Therapy Information

• Details about your presenting difficulties

• Therapy aims and goals

• Clinical notes taken during or after sessions

• Assessment forms or outcome measures

• Emails or messages you send to us

2.3. Payment Information

• Records of payments (e.g., bank transfer confirmations)
  We do not store card details.

3. How We Use Your Information

Your information is used to:

• Provide therapy and psychological support

• Manage appointments

• Keep accurate and secure clinical records

• Process payments

• Communicate with you between sessions (non-emergency only)

• Comply with legal and professional obligations

We do not use your information for marketing without your explicit consent.

4. Confidentiality

Everything discussed in therapy is kept private and confidential.

Confidentiality may only be broken if:

• There is risk of serious harm to you or someone else

• There are safeguarding concerns

• Illegal activity is disclosed

• Required by law or a court order

Whenever possible, this will be discussed with you first.

5. How Your Data Is Stored

We take data security seriously.

5.1. Physical Notes

• Kept in a locked, secure location

• Accessible only to the therapist

5.2. Digital Notes

• Stored in an encrypted, password-protected database

• Accessible only to the therapist

5.3. Emails & Online Information

• Stored in a secure, encrypted email system

• Deleted when no longer needed for clinical or administrative purposes

6. How Long We Keep Your Data

Clinical notes are stored for 7 years after therapy ends (or until a young person turns 25), in accordance with professional standards and UK law.

After this time, data is permanently destroyed.

7. When Your Information May Be Shared

Your information will not be shared with third parties unless:

• You give explicit written consent

• It is required for safeguarding or safety

• A court orders disclosure

• Emergency services require information

Supervision discussions are anonymised and contain no identifying details.

We will never sell your information or use it for advertising.

8. Your Rights Under GDPR

You have the right to:

• Access the information we hold about you

• Request corrections to inaccurate information

• Request deletion (where legally possible)

• Restrict processing of your data

• Withdraw consent at any time

• Request a copy of your therapy records

To exercise any of these rights, email: info@arogyacbt.com

9. Legal Basis for Collecting Your Data

We collect and process your data based on:

• Contractual necessity (to provide therapy)

• Legitimate interests (maintaining secure records)

• Legal obligations (safeguarding, court requirements)

• Consent (e.g., audio recordings, information shared with referrers)

10. Data Breaches

If a data breach occurs:

• You will be notified within 72 hours

• The ICO (Information Commissioner’s Office) will be informed if required

• We will take immediate steps to secure your data and prevent further risk

11. Changes to This Privacy Policy

This policy may be updated occasionally. The most recent version will always be available on request.