Skip to main content
Healing Attachment

Privacy Policy

Last updated: 18 May 2026

Healing Attachment (“I”, “me”, “my”) is a therapy practice operated by Katherine Richmond, based in Horsforth, Leeds. This Privacy Policy explains how I collect, use, and protect the personal information you share with me through this website and when enquiring about or attending therapy.

I am registered as a data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who I am

Data controller: Katherine Richmond, trading as Healing Attachment
Address: 102 Hawksworth Road, Horsforth, Leeds LS18 4JJ
Email: info@healingattachment.co.uk
ICO registration number: ZC156110

2. What information I collect

Through the website enquiry form:

  • Your name
  • Your email address
  • Your phone number (if provided)
  • The content of your message

If you become a client, I also hold:

  • Contact details and emergency contact
  • GP details (recommended but optional)
  • Relevant personal, medical, and therapeutic history that you choose to share
  • Session notes, held securely in line with NCPS ethical guidance
  • Payment records (paid by bank transfer or PayPal; I do not see or store your card or bank-login details)

Website analytics: This site does not use analytics or tracking cookies, and does not profile or track individual visitors. I use Google Search Console to monitor how the site performs in search results; this reports only aggregated, anonymous search data and does not identify individual visitors or place cookies on your device.

3. Why I collect this information (lawful basis)

  • To respond to your enquiry — lawful basis: legitimate interest and, where you have submitted the form, consent.
  • To provide therapy, if you become a client — lawful basis: contract (the therapy agreement) and, for special category data such as health information, explicit consent and the provision of health or social care.
  • To meet professional and legal obligations — lawful basis: legal obligation (e.g. safeguarding duties, tax records).

4. How long I keep your information

  • Enquiries that do not become clients: deleted within 12 months.
  • Client records:retained for 7 years after the end of therapy, in line with NCPS and professional insurance guidance. Records for clients under 18 are retained until the client’s 25th birthday, or longer if the work continued past that date.

5. Who I share your information with

I do not sell, rent, or share your information with third parties for marketing purposes. I only share information where:

  • You have given me explicit consent.
  • There is a serious and imminent risk to your safety or the safety of others (safeguarding).
  • I am required to by law (e.g. court order).
  • It is necessary for supervision, in which case your identity is anonymised.

Essential service providers who process data on my behalf include:

  • Website hosting: Vercel
  • Email: Microsoft
  • Payment processing: Bank transfer and PayPal

All providers are bound by data processing agreements and UK/EU-appropriate safeguards.

6. Your rights

Under UK GDPR you have the right to:

  • Access the information I hold about you
  • Correct inaccurate information
  • Request deletion of your information (subject to legal and professional retention requirements)
  • Restrict or object to certain processing
  • Withdraw consent at any time
  • Complain to the Information Commissioner’s Office (ico.org.uk)

To exercise any of these rights, email me at info@healingattachment.co.uk. I aim to respond within 30 days.

7. Security

Your information is stored securely with encryption at rest and in transit. Paper notes (if any) are kept in a locked filing system. Digital records are held on password-protected, encrypted devices and cloud services with two-factor authentication enabled.

8. Children

This website and practice are intended for adults (18+). I do not knowingly collect information from children through this website.

9. Changes to this policy

I may update this policy from time to time. The “Last updated” date at the top of this page will reflect any changes. Material changes will be communicated to current clients directly.

10. Contact

Questions about this policy or how I handle your data:
Email: info@healingattachment.co.uk