top of page

Privacy Policy

Who I Am

Klaudia Magdalena Therapy is a private counselling and psychotherapy practice based in Scotland.

I am registered with the Information Commissioner’s Office (ICO) and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

What Information I Collect

Website Visitors

When you use this website (hosted by Wix), I may collect:

Your name

Email address

Telephone number (if provided)

Information submitted via contact forms

IP address

Website usage data (via cookies)

Wix may automatically collect certain technical information such as IP address and browser data for security and analytics purposes.

What Is Personal Data?

Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

Prospective Clients

If you contact me to enquire about therapy, I may collect:

Your contact details

The reason for your enquiry

Availability preferences

Clients

If you enter into a therapeutic agreement with me, I will collect:

Name, address, date of birth

GP details

Emergency contact details

Relevant background or health information

Session notes

Payment records

Therapy notes and health information are classified as special category data under UK GDPR and are handled with enhanced confidentiality and security.

Lawful Basis for Processing

Under UK GDPR, the lawful bases I rely on are:

Contract – to provide counselling services

Legitimate interest – responding to enquiries and maintaining records

Legal obligation – safeguarding and regulatory requirements

Article 9(2)(h) – provision of health care (for special category data)

How Your Data Is Stored

Client records are stored digitally on password-protected and encrypted devices.

Email accounts are secured with strong passwords and two-factor authentication where available.

No paper records are kept.

Access to your information is limited to me only.

I take appropriate technical and organisational measures to protect your data from loss, misuse, or unauthorised access.

Online Sessions (Zoom)

Online sessions are conducted via Zoom.

Zoom acts as a data processor. Sessions are not recorded.

I use password-protected meetings and appropriate security settings.

Zoom’s privacy policy can be found on their website.

Website Hosting (Wix)

This website is hosted by Wix.com Ltd. Wix stores data on secure servers and acts as a data processor.

Wix’s privacy policy can be found on their website.

Confidentiality and Disclosure

All sessions are confidential.

Confidentiality may only be broken where:

There is risk of serious harm to you or others

There are safeguarding concerns

Disclosure is required by law or court order

Where possible, this would be discussed with you first.

Data Retention

I will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. 

Your Rights Under UK GDPR

You have the right to:

Access your personal data

Request correction of inaccurate data

Request erasure (in certain circumstances)

Restrict or object to processing

Data portability

Lodge a complaint with the Information Commissioner’s Office (ICO)

ICO website: https://www.ico.org.uk

Contact

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Klaudia Grubska

Email: hello@klaudiamagdalenatherapy.com

Changes to this Privacy Policy

I may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if I change my business in a way that affects personal data protection.

Any changes will be immediately posted on Our Site, and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up to date. This Privacy Policy was last updated in February 2026.

bottom of page