Privacy Policy

Updates: 02nd September 2024

Introduction

Therasee Limited ("Therasee", "we", "us", "our") is committed to protecting and respecting your privacy. This policy outlines our practices regarding the collection, use, and sharing of information about you through the use of our services. By using our platform, you agree to the collection and use of information in accordance with this policy.

Definitions

Personal Data: Any information relating to an identified or identifiable individual who can be directly or indirectly identified from that data. This may include, but is not limited to, names, email addresses, phone numbers, and location details.

Usage Data: Information collected automatically through the use of our Service, which may include details such as your device's Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

Cookies: Small files stored on your device (computer or mobile device) that help us to improve our Service and your experience.

We, Us, Our or Company means Therasee Ltd.

You or Your means you, your organisation.

Software, Services, or Therasee means the software and associated services provided and developed by the Company which may be supplied to you.

Information Collection and Use

We collect several types of information for various purposes to provide and improve our service to you.


Types of Data Collected
  • Personal Data: While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. This may include, but is not limited to:
    • Name
    • Email address
    • Phone number
    • Address
  • Usage Data: We may also collect information on how the Service is accessed and used. This Usage Data may include details such as your computer's Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

Third-Party Services

To enhance the functionality and performance of our services, we partner with reputable third-party service providers, each chosen for their commitment to privacy and security:

  • Amazon Web Services (AWS): Our service infrastructure is hosted on AWS, with servers located in the UK, ensuring that your data is stored domestically under UK data protection laws.
  • Intercom: We use Intercom to enhance our customer support and improve communication. Intercom may process information such as contact details and conversation history to better facilitate these interactions.
  • MongoDB Atlas: Serving as our primary database service and hosted within the UK, MongoDB Atlas securely stores all types of data, including Personal and Usage Data, adhering to stringent security standards.
  • Jitsi as a Service (JaaS): We employ Jitsi for our video conferencing features, where data such as video and audio communication, along with any shared content during a conference, is processed securely.
  • Google Analytics: This tool helps us track website traffic and understand user interactions in an anonymised manner. It may collect data such as your IP address, browser type, and usage patterns, without identifying individual users.
  • Stripe: For secure payment processing, we use Stripe, which handles transactions including billing details and, where necessary, bank account information.
  • Microsoft Azure: We use Azure for processing audio data to transcribe speech into text in real-time, which we have developed to ensure this securely handles your data in compliance with strict privacy regulations.
  • Google Calendar: We use Google Calendar integration to sync appointments and events between Therasee and your Google Calendar. This involves reading event details such as start time, end time, title, description, and location from Google Calendar, and writing appointment details like title, start time, end time, attendees, and recurrence rules to Google Calendar. The integration is performed securely and in compliance with privacy regulations, and you have control over enabling or disabling this sync.

We ensure that data sharing with third parties is strictly for the purposes of delivering the services you engage with, such as processing payments through Stripe, and always in strict compliance with GDPR and HIPAA guidelines.

How We Use Your Data

Therasee Ltd uses the collected data for various purposes:

  • To provide and maintain our service
  • To notify you about changes to our service
  • To allow you to participate in interactive features of our service when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve the service
  • To monitor the usage of the service
  • To detect, prevent, and address technical issues
Transfer of Data

Your information, including Personal Data, may be transferred to and maintained on computers located outside of your location, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. However, if you are located in the European Economic Area (EEA) or the UK, your data will be processed by us in the UK. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Disclosure of Data

Legal Requirements: Therasee Ltd may disclose your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of Therasee Ltd
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public
  • Protect against legal liability
Security of Data

We understand the significance of protecting your personal information, especially within the digital landscape where no system can be impenetrable. However, we are committed to implementing robust security measures designed to protect your personal data against unauthorised access, use, or disclosure. Our strategies include state-of-the-art encryption technologies and the deployment of our services within highly secure UK-based data centres. While absolute security cannot be guaranteed, we continuously refine our security practices to ensure they meet high standards in accordance with GDPR and HIPAA guidelines, reinforcing our commitment to data protection.

International Transfer of Data

Your personal information may be stored or processed on computers situated outside your local region, including places where data protection laws might vary from those of your jurisdiction. At Therasee, we are committed to ensuring the secure and lawful handling of your data regardless of where it is processed. We adhere strictly to this privacy policy and comply with applicable data protection regulations, including GDPR, for all data transferred outside the UK or the EEA, ensuring your personal information is treated with the highest standards of security and confidentiality.

Data Retention

We retain your personal data only as long as necessary to fulfill the specific purposes outlined in this Privacy Policy. Your data will be maintained to the extent required to comply with our legal obligations (such as those mandated by applicable laws), resolve disputes, and enforce our legal agreements and policies. This ensures that we handle your personal information responsibly and in accordance with legal and regulatory requirements.

Password and Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. You are responsible for keeping your password confidential and for notifying us if you believe your password or account has been compromised.

Links to Other Websites

Our Service may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Your Data Protection Rights

Under data protection laws, you have rights including:

  • Right of access - You have the right to request copies of your personal data from us.
  • Right to rectification - You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to erasure - You have the right to request that we erase your personal data, under certain conditions.
  • Right to restrict processing - You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to object to processing - You have the right to object to our processing of your personal data, under certain conditions.
  • Right to data portability - You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will also let you know via email and/or a prominent notice on our website prior to the change becoming effective. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

For questions or concerns about our privacy policy or the use of your personal information, please contact us at privacy@therasee.com or at our address:

Therasee Limited
71-75 Shelton Street,
Covent Garden,
London,
WC2H 9JQ
United Kingdom

Therasee is registered with the ICO under ref: ZB610705