Experiencing an emergency?Use these resources
emote Care

Emote Care Ltd — Privacy Policy


This Privacy Policy for Emote Care Ltd ('we', 'us', or 'our') describes how and why we collect, store, use, and/or share ('process') your information when you use our services.


Scope


  • When you visit our website at emotecare.com, or any website of ours that links to this Privacy Policy.
  • When you engage with us in other related ways, including sales, marketing, or events.

This Privacy Policy also explains your rights under the Data Protection Act 2018, UK GDPR, and EU GDPR ('Data Protection Laws'). If you do not agree with our policies and practices, please do not use our Services. For questions, contact info@emotecare.com.


Table of contents


  • A. What information do we collect?
  • B. How do we process your information?
  • C. Legal bases for processing your personal information
  • D. When and with whom do we share your personal information?
  • E. Cookies and other tracking technologies
  • F. How long do we keep your information?
  • G. How do we keep your information safe?
  • H. What are your privacy rights?
  • I. Controls for Do-Not-Track features
  • J. User-Generated content
  • K. Changes to Ownership or Control
  • L. Concerns and complaints
  • M. Changes to this policy
  • N. Contact us

Controller for personal data


Unless we notify you otherwise, Emote Care is the controller of your personal data for this website and where you interact directly with us.


A. What information do we collect?


All personal information you provide must be true, complete, and accurate, and you must notify us of any changes.


1.1 Personal information you disclose to us


We collect personal information that you voluntarily provide when you register, request information, participate in activities (e.g., engaging with a client or therapist), or contact us.


1.2 Personal Information Provided by You


  • Full names
  • Date of Birth
  • Phone numbers
  • Mailing addresses
  • Email addresses
  • Health/mental health data

1.3 Sensitive information


In certain situations, we may process health information you provide. Such processing complies with Data Protection Laws to ensure confidentiality and security.


1.4 Payment Data


We may collect data necessary to process payments (e.g., card information and billing address). Payment data is stored by our payment service provider as described in our Terms and Conditions.


1.5 Information automatically collected


We automatically collect device and usage information (e.g., IP, browser, OS, language, referring URLs, device name, country, usage timestamps, technical diagnostics) for security, operation, analytics, and reporting. This information does not reveal your specific identity.


1.6 Cookies


We use cookies and similar technologies. See our Cookies Policy for details.


The information we collect may include:


  • Log and Usage Data: IP address, device info, browser type, settings, feature usage, errors, and system events.
  • Device Data: device/application IDs, location, browser type, model, ISP/carrier, OS, configuration.
  • Location Data: precise or imprecise location (e.g., via IP/GPS). You can opt out in device settings; some features may be unavailable.

B. How do we process your information?


We process personal information depending on your interactions with our Services, including:


  • 2.1 Account creation, authentication, and management.
  • 2.2 Deliver and facilitate requested services.
  • 2.3 Enable user-to-user communications.
  • 2.4 Request feedback and contact you about your use.
  • 2.5 Send marketing and promotional communications (where appropriate).
  • 2.6 Deliver targeted advertising.
  • 2.7 Protect our Services (fraud monitoring and prevention).
  • 2.8 Identify usage trends to improve Services.
  • 2.9 Measure effectiveness of marketing campaigns.
  • 2.10 Protect vital interests (e.g., prevent harm).

We also process information to comply with legal obligations, respond to lawful requests, and enforce our terms. We may aggregate/anonymise data for analytics, research, and improvements.


C. Legal bases for processing your personal information


  • 3.1 Consent: where you have given clear consent.
  • 3.2 Performance of a Contract: to fulfil our obligations or at your request prior to entering into a contract.
  • 3.3 Legitimate Interests: where necessary for our legitimate interests and not overridden by your rights (e.g., improving user experience).
  • 3.4 Legal Obligations: to comply with laws or respond to requests from authorities.

Special categories of data (e.g., health/mental-health) require explicit consent, which we will request where applicable.


Categories of personal dataPurposeLegal basis
Name, email address, and financial information, other basic detailsTo provide our services to you, to share your data with therapists who will contact you to arrange a session, and to enable you to connect with therapists and obtain servicesContractual Necessity under article 6.1.c of Data Protection Laws
Medical history, therapy goals, gender, and marital statusTo provide our services to you and to enable you to connect with therapists and obtain servicesContractual Necessity under article 6.1.c of the EU and the UK GDPR and explicit consent under article 9.a of Data Protection Laws
Name, and email address of TherapistsTo send marketing emails to promote our services to therapistsLegitimate interests under article 6.1.f of Data Protection Laws
Name, and email address of patients who provide their details to usTo send marketing emails to promote our servicesLegitimate interests under article 6.1.f of Data Protection Laws
HTTP Headers, IP addresses, information about the web browser, Conversion events, actions you take on our website (e.g., buttons clicked), unique cookie identifier, device ID, device attributes (model, resolution), OS, timestampsTo analyze visitor behavior on our website, improve our content, website, services, and matching algorithmLegitimate interests under article 6.1.f of Data Protection Laws; or Consent under article 6.1.a of Data Protection Laws
Emergency contact detailsTo protect patients and to inform their emergency contact of any issues or medical emergenciesLegitimate Interests of the patients under article 6.1.f of Data Protection Laws
All dataTo comply with applicable lawsLegal obligation
All dataTo prevent fraud, to protect our rights and to ensure security of our platform and servicesLegal obligation

D. When and with whom do we share your personal information?


  • Internally: employees/contractors on a need-to-know basis.
  • With your therapists: details necessary to provide services and communicate with you.
  • Service Providers & Business Partners: e.g., payments, IT, support, marketing, analytics—under appropriate agreements. Client health info may be shared to ensure proper fit.
  • Professional advisers: lawyers, bankers, auditors, insurers.
  • Business Transfers: merger, asset sale, financing, or acquisition—notice will be provided; the acquiring entity must comply with this Policy unless new terms are offered.
  • International Transfers: outside UK/EU only with adequate protection (adequacy decisions or approved safeguards, e.g., Art. 46 UK/EU GDPR).
  • Aggregated/Anonymised Data: may be shared for research, analytics, marketing, or other lawful purposes.
  • Legal Compliance: to comply with law, respond to legal requests, or protect rights/safety.

E. Cookies and other tracking technologies


We use cookies to collect personal information. You may refuse cookies, but this may affect site functionality. See our Cookies Policy for details.


F. How long do we keep your information?


  • We keep personal information only as long as necessary for the purposes set out in this Policy, unless a longer period is required/permitted by law.
  • When no ongoing legitimate business need exists, we delete or anonymise; if stored in backups, we securely store and isolate until deletion is possible.
  • We review retention practices regularly. Contact us for questions or deletion requests; legal requirements may require longer retention.

G. How do we keep your information safe?


  • We implement appropriate technical and organisational measures, including modern encryption methods endorsed by NIST, tokens, and credential factors.
  • No electronic transmission or storage is 100% secure. Transmission is at your own risk. Access Services within a secure environment.
  • We maintain an incident response plan for data breaches/security incidents, including assessments, notifications, and remediation.
  • You must keep your credentials secure and notify us of any unauthorised access or use.

H. What are your privacy rights?


Under Data Protection Laws you have certain (not absolute) rights:


  • Access (data subject access request).
  • Rectification (correction of inaccurate/incomplete data).
  • Erasure (subject to legal limits and exceptions).
  • Object to processing based on legitimate interests (subject to our compelling interests or legal claims).
  • Restriction (in specific scenarios).
  • Data portability (in some circumstances).
  • Automated decision making: we do not conduct automated decisions.

You will not generally pay a fee to exercise rights, but we may charge a reasonable fee where a request is unfounded, repetitive, or excessive. We may request information to verify identity and aim to respond within one month (or longer if complex; we will update you).


Withdrawing consent


If processing relies on consent, you may withdraw it at any time via the contact details below or by updating preferences. This does not affect past lawful processing or other lawful bases.


Opting out of marketing


You can unsubscribe at any time using the link in our emails or by contacting us. We may still send service or account messages.


Account information


Review or change your account details in account settings. Upon termination, we will deactivate/delete from active databases but may retain some information for legal purposes.


For rights queries, privacy@emotecare.com


I. Controls for Do-Not-Track features


There is no uniform standard for recognising DNT signals, so we do not currently respond to them. If a standard we must follow is adopted, we will update this Policy.


J. User-Generated content


Content you post (e.g., reviews, comments, photos) may be publicly accessible. Please avoid sharing personal information in public forums.


K. Changes to Ownership or Control


If ownership/control changes (e.g., merger or acquisition), your personal information may transfer to new owners. We will notify you and provide choices.


L. Concerns and complaints


We would appreciate the chance to address concerns first (see Contact us). UK residents may complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk. You may also complain to another supervisory authority if outside the UK.


M. Changes to this policy


We may update this Policy. The updated version is effective when accessible and marked with a revised date. Material changes may be notified prominently or via direct notice.


This Privacy Policy was last updated on 02 July 2024.


N. Contact us


For questions or comments, contact privacy@emotecare.com.