Legal

Privacy Policy

Last updated: May 2026

This privacy notice explains how Helping Lives Hypnotherapy (“I”, “me”, “my”) collects, uses and protects your personal information. It applies to the helpingliveshypnotherapy.co.uk website and to the therapy services provided by Magda Velleman.

I am the data controller for the personal information described below. You can contact me at [email protected].

What I collect

  • Enquiry data: name, email address and the message you send via the contact form.
  • Client records: session notes, intake details and goals you share with me as part of therapy.
  • Communications: emails, messages and call recordings (only with your explicit prior consent).
  • Technical data: anonymous, aggregated usage analytics if enabled.

Why I collect it

  • To respond to your enquiry and arrange a discovery call.
  • To plan and deliver your therapy sessions effectively.
  • To meet professional, ethical and legal record-keeping obligations under the National Hypnotherapy Society code of ethics.

Lawful basis

I rely on contract (to provide the service you've asked for), legitimate interest (responding to enquiries, running the business) and where required, your explicit consent (special category health data).

How long I keep it

Enquiry data that doesn't lead to a booking is deleted within 6 months. Client records are retained for 7 years after our last session, in line with professional indemnity insurance requirements, then securely destroyed.

Who I share it with

Your information is not shared with third parties for marketing. It is only shared in these limited cases: with my professional supervisor (anonymised where possible) for clinical supervision required by my professional body; with my insurer in the event of a claim; or where required by law (e.g. court order, safeguarding concerns about immediate risk of harm).

Your rights

Under UK GDPR you have the right to access, correct, delete or restrict use of your personal data, to object to processing, and to data portability. Email me to exercise any of these rights.

You also have the right to complain to the Information Commissioner's Office (ico.org.uk) if you believe I've mishandled your data.

Security

Client records are kept encrypted. Session video is conducted over a secure, end-to-end encrypted platform. I never store recordings of sessions without explicit prior consent.

Changes to this policy

I'll update this notice if anything material changes and post the new version here with a revised “Last updated” date.