← Return to Reception GDPR & Clinical Data

Privacy Policy

Last Updated: January 2026

Sepals Psychology Ltd is committed to protecting your privacy. This policy details how we collect, store, and use personal data in compliance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

1. Who We Are

Data Controller: Sepals Psychology Ltd
Registered Office: 21 Knightsbridge, London, SW1X 7LY
Company Number: 13811851
Regulator: Information Commissioner's Office (ICO)

2. Data We Collect

As a clinical practice, we collect two categories of data:

Personal Data: Name, address, email, telephone number, and payment details.
Sensitive Data (Special Category): Clinical notes, psychological assessments, medical history, and information regarding your child's educational needs. This data is collected solely for the purpose of providing clinical services.

3. How We Use Your Data

We process your data under the lawful basis of "Contract" (to deliver the service you bought) and "Legitimate Interests" (clinical governance). Specifically, we use your data to:

Schedule appointments and communicate regarding your treatment plan.
Process payments and issue invoices.
Maintain accurate clinical records in line with HCPC standards.
Send requested resources (e.g., the Apex Kit).

4. Data Storage & Security

Your confidentiality is paramount. All digital clinical records are encrypted and stored on secure, GDPR-compliant servers. Any physical notes are stored in locked cabinets. We retain clinical records for 7 years following the end of treatment (or until the child turns 25), as required by professional guidelines.

5. Your Rights

Under GDPR, you have the right to:

Request access to the personal data we hold about you (Subject Access Request).
Request correction of inaccurate data.
Request erasure of your data (the "Right to be Forgotten"), subject to our legal obligation to retain clinical records.

To exercise any of these rights, please contact our Data Protection Officer at enquiries@sepals.co.uk.