Data Protection Overview

TalksFromTherapy is designed specifically for mental health professionals who need secure, GDPR-compliant transcription services. We take your privacy and your patients' privacy seriously.

📋 What Data We Process

Professional Data (About You)

• Account Information: Name, email, professional license number (optional)
• Usage Data: Login times, session activity, feature usage

Patient Data (Under Your Control)

• Patient Identifiers: Only initials (no full names)
• Audio Recordings: Temporary processing only, deleted after transcription
• Transcriptions: Encrypted text of therapy sessions
• Session Notes: Your therapeutic observations and notes

Why We Process Data

• Service Delivery: Provide AI transcription and session management
• Account Management: User authentication and account security
• Technical Support: Troubleshoot issues and improve service quality
• Security: Prevent fraud, protect against unauthorized access

🔐 How We Protect Your Data

Technical Measures

• AES-256 Encryption: All sensitive data encrypted at rest
• HTTPS/TLS: Secure transmission of all data
• Access Controls: You only see your own data
• Audit Logging: All data access is logged and monitored

Organizational Measures

• Principle of Least Privilege: Staff access only when necessary
• Regular Security Reviews: Ongoing security assessments
• Data Processing Agreements: All vendors bound by strict contracts

🌍 Data Processing Location

Your data is processed in EU data centers with appropriate safeguards. We do not transfer personal data outside the European Economic Area without adequate protection.

⏰ Data Retention

• Account Data: Retained while your account is active
• Patient Data: Retained according to your professional requirements
• Audio Files: Deleted immediately after transcription
• Backups: Secure encrypted backups for disaster recovery

🍪 Cookie Policy

TalksFromTherapy uses cookies to enhance your experience and ensure the platform functions correctly. We follow GDPR requirements for cookie consent and transparency.

Necessary Cookies (Always Active)

These cookies are essential for the platform to function and cannot be disabled:

Analytics Cookies (Optional - Requires Consent)

Help us understand usage patterns to improve the platform:

Functional Cookies (Optional - Enhances Experience)

Remember your preferences for a personalized experience:

👤 Your Rights (GDPR)

As a data subject, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Export your data in a standard format
• Withdraw Consent: Stop processing at any time

🚨 Data Breach Notification

In the unlikely event of a data breach affecting personal data, we will:

• Notify the relevant supervisory authority within 72 hours
• Inform affected users if there is a high risk to their rights
• Implement immediate containment and remediation measures

🤝 Third-Party Services

We use the following trusted service providers:

• OpenAI: AI transcription processing (encrypted data only)
• Supabase: Database hosting and authentication
• Vercel: Application hosting and delivery

All third parties are bound by strict data processing agreements.

📞 Contact Information

For privacy-related questions or to exercise your rights:

• Email: privacy@talksfromtherapy.com
• Data Protection Officer: dpo@talksfromtherapy.com
• Response Time: Within 30 days as required by GDPR

📝 Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal compliance. Users will be notified of significant changes via email or in-app notification.