Privacy Policy

Last updated: Wednesday, 23rd July, 2025

This policy explains how I collect, use, store, and protect your personal information. It applies to this website and my therapy practice, and is written with care, transparency, and respect.

Who I am

I'm Tayler Remi, a psychotherapist offering online and in-person therapy across the UK. You can contact me with any privacy questions at: tayler@taylerremitherapy.com

I am the data controller for any personal data you share with me.

What personal data I collect and why

If you use my contact form, you may share:

  • Your name or preferred way of being addressed

  • Pronouns (optional)

  • Email address (required)

  • Phone number (required)

  • Preferred contact method (e.g. text, email, WhatsApp)

  • Boundaries around contact (e.g. when not to message)

  • Therapy preferences (e.g. ADHD/autism, trauma)

  • Access needs or adjustments

  • Any background you choose to share (e.g. what's bringing you to therapy)

Some of this may be considered special category data under UK GDPR - especially if it relates to your mental health, identity, or access needs. I only invite what feels okay to share at this stage. Fuller details are gathered if we decide to work together.

If we work together

I collect the following to support our therapy work:

  • A short pre-assessment form to check therapy fit, availability, and access needs

  • Your signed therapy agreement, consent form, and relevant clinical information

  • Ongoing session notes

  • Basic administrative info (contact, payments, appointments)

I keep two types of notes:

  • Clinical notes, stored in Kiku, which are short factual records of each session (e.g. date, themes, risk, relevant info)

  • Personal process notes, kept separately, which include private reflections to support my thinking and supervision

If you request access to your data, I’ll share the clinical notes in your file. Process notes are not part of your official record and are not shared.

All data is securely stored in Kiku, a UK-based encrypted practice platform designed for therapists.

Legal bases for collecting your data

I only collect and use your data where I have a valid legal basis:

  • Consent — for optional information you choose to give

  • Contract — to provide therapy sessions

  • Legal obligation — for safeguarding or record-keeping standards

  • Legitimate interests — for basic analytics or admin

How I use and store your information

Your data is used solely to:

  • Communicate with you

  • Assess therapy fit and plan sessions

  • Provide therapy in line with our agreement

  • Keep necessary records for ethical and legal standards

I store data securely in Kiku, where it is encrypted in transit and at rest. Only I have access. I do not store paper notes. Emails are managed via Gmail with my domain (@taylerremitherapy.com), and I encourage clients to avoid using email for sensitive content unless agreed.

How long I keep your data

  • Therapy records: retained for 7 years after our work ends (as per BACP guidance and insurance standards)

  • Enquiries: if you contact me but don’t go on to become a client, your information will be securely deleted after 12 months

Sharing of data

Your information is kept private and never sold or shared for marketing.

I may share limited data with:

  • My clinical supervisor (anonymised)

  • My booking/notes platform (Kiku)

  • Zoom Pro, for online sessions (never recorded, always password-protected)

  • WhatsApp (with your consent) may be used for brief admin contact like rescheduling. Messages are end-to-end encrypted, but I don’t use WhatsApp for therapeutic content.

  • Your GP or emergency services, but only if there’s serious risk or legal requirement - and I’ll try to discuss it with you first whenever possible

Your rights

You have rights under UK GDPR, including to:

  • Access a copy of the data I hold about you

  • Ask for it to be corrected or deleted

  • Withdraw consent (where applicable)

  • Request limits on how it’s used

Therapy notes are generally retained for 7 years and cannot be deleted sooner unless required by law. I’ll always explain what can and can’t be deleted, and remove you from any optional records immediately.

To make a request, contact me directly through my email, and I’ll respond within 30 days.

If you’re unhappy with how your data is handled, you can contact the Information Commissioner’s Office (ICO).

Cookies and analytics

This site uses:

  • Squarespace Analytics and Google Analytics to understand basic website traffic and improve user experience

  • A cookie banner (powered by Squarespace) to let you manage your settings and choose whether to accept non-essential cookies

  • Squarespace to store contact form submissions securely. Form data is stored securely in Squarespace and may also be sent to my email inbox for administrative purposes.

  • Google reCAPTCHA to protect forms from spam and abuse. reCAPTCHA may use cookies and user behaviour tracking. By submitting the form, you agree to Google’s Privacy Policy and Terms of Service

You can choose to accept or reject non-essential cookies when you visit the site.

This site and my services are intended for adults aged 18 and over. I do not knowingly collect personal data from children.

Final notes

I regularly review my privacy practices. This policy will be updated if anything changes.
If you ever have questions or concerns, I’m happy to talk it through.