Privacy Policy

practicewize ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you use the practicewize platform, website, and related services (together, the "Services").

This policy is written to align with UK GDPR, the Data Protection Act 2018, and best practice for therapy and healthcare-related platforms.

1. Who We Are

practicewize is a therapy practice management platform designed to support therapists and counselling practices with scheduling, client management, secure communications, payments, and practice insights.

For the purposes of data protection law, practicewize is a Data Processor in relation to client/patient data entered by therapists, and a Data Controller in relation to account holder data, marketing data, and website usage data.

2. Data We Collect

We collect different types of personal data depending on how you use the Services.

a) Account & Practice Data (Therapists / Practice Owners)

• Name
• Email address
• Business name
• Billing details
• Login credentials (encrypted)
• Subscription and payment status

b) Client / Patient Data (Entered by Therapists)

• Client names and contact details
• Session dates and times
• Client notes and records
• Intake forms, agreements, and consent forms
• Invoices and payment records

practicewize does not determine the purpose or content of client notes. Therapists remain the Data Controllers for this data.

c) Technical & Usage Data

• IP address
• Device and browser information
• Pages visited and features used
• Date and time of access

d) Aggregated & Anonymised Data

We may collect anonymised, aggregated data such as:

• Number of sessions per therapist
• Time-of-day booking patterns
• Cancellation rates
• Feature usage trends

This data cannot identify individuals and may be used for analytics, reporting, and product improvement.

3. How We Use Your Data

We use personal data to:

• Provide and operate the practicewize platform
• Manage user accounts and subscriptions
• Enable scheduling, payments, and secure communications
• Improve platform performance and usability
• Provide customer support
• Meet legal and regulatory obligations

We do not sell personal data.

4. Legal Basis for Processing

Under UK GDPR, we rely on the following lawful bases:

• Contract – to provide the Services you sign up for
• Legitimate Interests – to improve and secure our platform
• Legal Obligation – where required by law
• Consent – where explicitly obtained (e.g. marketing communications)

Therapists are responsible for establishing a lawful basis for processing their clients' data.

5. Data Storage & Security

We take data security seriously and use appropriate technical and organisational measures, including:

• Encrypted data storage
• Secure access controls
• HTTPS and encrypted data transmission
• Regular security updates and monitoring

Client notes and sensitive data are treated as special category data and protected accordingly.

6. Data Retention

• Account and billing data is retained for as long as your account is active and as required by law
• Client data is retained according to the settings and actions of the therapist
• Anonymised analytics data may be retained indefinitely

Therapists are responsible for their own data retention policies for client records.

7. Sharing Data

We may share data with trusted third-party service providers where necessary, such as:

• Payment processors
• Hosting and infrastructure providers
• Email and communication services

All third parties are required to comply with data protection law and confidentiality obligations.

We do not share client data for advertising purposes.

8. International Transfers

Where data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:

• Adequacy decisions
• Standard contractual clauses

9. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request erasure (where applicable)
• Restrict or object to processing
• Data portability
• Lodge a complaint with the Information Commissioner's Office (ICO)

Therapists should direct client data requests to the relevant therapist or practice.

10. Cookies

practicewize uses cookies and similar technologies to:

• Keep you logged in
• Understand how the platform is used
• Improve performance and reliability

You can manage cookie preferences through your browser settings.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated via the website or platform.

12. Contact Us

If you have any questions about this Privacy Policy or how data is handled, you can contact us at:

Email: contact@practicewize.com