Ascend Wellness Logo

Privacy Notice (GDPR Compliance)

At Ascend Wellness, your privacy and the protection of your personal data are of utmost importance to us. This Privacy Notice explains how we collect, use, store, and protect your information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Ascend Wellness is registered with the Information Commissioner’s Office (ICO) and adheres to its data protection principles.

 

Data We Collect

At Ascend Wellness, we collect and process the following personal data:

  • Contact Information: Name, address, phone number, email address
  • Personal Details: Date of birth, gender, emergency contact information
  • Health Information (Special Category Data): Medical history, mental health status, therapy notes, and records
  • Financial Information: Payment details and billing information
  • Digital Session Data: Information related to online therapy sessions, including secure Zoom communications and session notes

 

Purpose of Data Collection

Your personal data is collected for the following purposes:

  • To provide safe, effective, and personalised therapy services (including online and Zoom sessions)
  • To maintain accurate and up-to-date clinical records
  • To comply with legal, ethical, and regulatory requirements
  • To communicate with you regarding appointments, therapy, online access details, and billing

 

Legal Basis for Processing

The legal basis for processing your personal data includes:

  • Consent: Where you have given explicit consent, particularly for processing health-related (special category) data and participation in online therapy
  • Contract: Where processing is necessary to provide therapy services agreed with you
  • Legal Obligation: To comply with applicable legal and professional requirements
  • Legitimate Interests: For the safe and effective operation of the practice, provided your rights are not overridden

 

Online and Zoom Therapy

Ascend Wellness offers online therapy sessions using secure platforms such as Zoom. While reasonable steps are taken to ensure confidentiality and security, including the use of password-protected meetings and secure devices, no online platform can be guaranteed as completely secure.

By engaging in online therapy, you acknowledge and accept the potential risks associated with digital communication. You are encouraged to attend sessions in a private, secure environment to maintain confidentiality.

 

Data Storage and Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

This includes:

  • Encrypted digital systems
  • Password-protected devices
  • Secure storage of clinical records
  • Use of secure platforms for online therapy sessions

 

Data Retention

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected and to comply with legal and professional requirements.

Therapy records are typically retained for 8 years after the end of treatment (or longer in the case of children), in line with professional guidelines.

 

Insurance and Professional Practice

Ascend Wellness is insured through Balens, a specialist provider of professional liability insurance for therapists and wellbeing practitioners.

This ensures appropriate professional cover is in place; however, your personal data remains confidential and is only shared where legally required or necessary in relation to insurance claims or legal obligations.

 

 

Your Rights

Under UK GDPR, you have the following rights:

  • Right to Access: Request access to your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data where applicable
  • Right to Restrict Processing: Request restriction of processing
  • Right to Object: Object to processing under certain conditions
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

 

Complaints

If you have concerns about how your data is handled, please contact us in the first instance.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk

 

Last updated: 3 April 2026