Hear4U Therapist CPD — Privacy Policy
Version 1.1 — 26 June 2026
1. Who we are
Hear4U Therapist CPD ("the app") is provided by Hear4U Counselling Ltd ("we", "us", "our"), a company registered in England & Wales.
- Company registration number: 17127256
- Registered address: Level One, Basecamp Liverpool, 49 Jamaica Street, Liverpool, L1 0AH
- Part of: Hear4U Group Ltd
- ICO registration number: ZC178330
- Data protection contact: hear4ucounselling@outlook.com
We are the data controller for the personal data described in this policy.
2. Who this policy is for
The app is for counsellors, psychotherapists and related practitioners (aged 18+) who are registered with, or working towards registration with, a recognised professional body (e.g. BACP, UKCP, NCPS, BABCP, BPS, HCPC, COSCA, ACC, BPC). It is a tool for your own continuing professional development (CPD) and reflective practice. It is not for entering identifiable information about your clients (see section 6).
3. What personal data we collect
- Account & identity — email address, password (stored hashed), two-factor (TOTP) secret. Provided by you at sign-up.
- Professional profile — display name, professional-body registration number, modalities, years of experience, membership renewal date. Provided by you.
- CPD records — activity type, hours, dates, and your free-text reflections (reflect / plan / action / evaluate / impact). Provided by you.
- Supervision records — session date, supervisor's name, hours, format, your reflections and notes. Provided by you.
- Private notes — note titles and bodies — stored encrypted (ciphertext); not readable from our database. Provided by you.
- AI reflection activity — we do not store readable AI conversation text. We store limited audit metadata (timing, model name, region) and cryptographic hashes of each message and reply. These hashes are not intended to allow us to reconstruct the text, but while associated with your account they are treated as personal data and handled under this policy. Generated server-side.
- AI safety logs — a record that a message was blocked and why (e.g. "postcode detected") — no message content. Generated server-side.
- Community posts (optional) — post title, body, modality — only if you choose to post; moderated and PII-screened first. Provided by you.
- Billing — subscription status and dates; a Stripe customer/subscription reference. We do not store your card details — Stripe does.
Supervisor names. Your supervision records may include your supervisor's name. We process this only as part of your own records: we do not use it for any other purpose, do not contact supervisors, and it is deleted with your records. Because the data is minimal and comes from you (not the supervisor), we consider direct notice to supervisors disproportionate; a supervisor may contact us at any time to exercise their data-protection rights.
4. Why we use it, and our lawful basis (UK GDPR Article 6)
- Create and run your account; provide CPD/supervision logging and reports — Contract (Art. 6(1)(b)).
- Provide the AI Reflection Assistant — Contract; safety guardrails also rely on our legitimate interests (Art. 6(1)(f)) in preventing misuse.
- Take subscription payments — Contract.
- Keep the service secure; prevent abuse; audit AI safety — Legitimate interests (Art. 6(1)(f)).
- Optional community feed — Consent (Art. 6(1)(a)) — you choose to post.
- Comply with legal/regulatory obligations — Legal obligation (Art. 6(1)(c)).
Special category data (UK GDPR Article 9)
Your free-text reflections and private notes may contain special category data — for example, information about your own health, or sensitive details that arise in reflective writing. Where you choose to record such data about yourself, we rely on your explicit consent (Art. 9(2)(a)), given via a separate, unticked checkbox at sign-up. Withdrawing consent is as easy as giving it: you can delete any individual entry or note at any time (which removes that content), or delete your whole account. If you withdraw consent entirely, we can no longer store reflective content for you, but your other account features are unaffected. We minimise this data by: encrypting notes, never sending reflective content to third parties for marketing, and not storing readable AI conversation text.
5. How we keep data in the UK
The app is built for UK data residency:
- Your account and records are stored in a UK (London) data centre region.
- The AI Reflection Assistant runs on UK-hosted hardware that Hear4U controls; the function is configured to refuse to run unless the AI region is on a UK allow-list.
- Access to your records is restricted by row-level security so that only you (and our service systems acting on your behalf) can read them.
6. The AI Reflection Assistant
The Assistant helps you reflect on anonymised, hypothetical or generalised practice scenarios. To protect client confidentiality:
- It is an adjunct to reflection — not a supervisor, therapist, or diagnostic tool.
- Before any message is sent to the AI model, automated guardrails block and refuse messages that appear to contain identifiable information — UK postcodes, NHS numbers, phone numbers, email addresses, or dates of birth.
- We do not store readable AI conversation text. For safety and audit purposes we store limited metadata and cryptographic hashes of AI messages and replies. These hashes are not intended to allow us to reconstruct the text, but where associated with your account they are treated as personal data under this policy.
- You must not enter identifiable client information. You remain the data controller for your own clients' information under your professional obligations.
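The guardrail, region allow-list and audit-record design described in sections 3, 5 and 6 can be illustrated in a few dozen lines. The following is an added example written for this page, not Hear4U's own code: the regular expressions, the NHS Mod 11 check, the region names, the `safety_log_entry` shape and the use of a keyed HMAC for the audit hash are all this example's assumptions; the policy only says that identifiers are blocked, that a reason (no content) is logged, and that cryptographic hashes are kept. The sample messages are constructed for the test.

```python
import hashlib
import hmac
import re
from datetime import datetime, timezone

# Assumed region allow-list (section 5 says the function refuses to run
# outside a UK allow-list; the region names here are invented).
AI_REGION_ALLOW_LIST = {"uk-london"}

# Ordered (reason, pattern) pairs. The patterns are constructed for this
# example and are deliberately broad: a guardrail should prefer a false
# block over letting an identifier reach the model.
_PATTERNS = [
    ("postcode detected",
     re.compile(r"\b[A-Z]{1,2}[0-9][A-Z0-9]? ?[0-9][A-Z]{2}\b", re.I)),
    ("nhs number detected",
     re.compile(r"\b\d{3}[ -]?\d{3}[ -]?\d{4}\b")),
    ("phone number detected",
     re.compile(r"(?<!\d)(?:\+44\s?\d|0\d)\d{2,3}[\s-]?\d{3}[\s-]?\d{3,4}(?!\d)")),
    ("email detected",
     re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")),
    ("date of birth detected",   # any full date in dd/mm/yyyy form is treated as a DOB
     re.compile(r"\b\d{1,2}[/.-]\d{1,2}[/.-](?:19|20)\d{2}\b")),
]


def nhs_number_valid(candidate: str) -> bool:
    """Mod 11 check: weights 10..2 over the first nine digits, tenth is the check digit.
    Ten-digit strings that fail the check are not flagged, which avoids blocking
    unrelated numbers such as invoice references."""
    digits = [int(c) for c in candidate if c.isdigit()]
    if len(digits) != 10:
        return False
    total = sum(d * w for d, w in zip(digits[:9], range(10, 1, -1)))
    check = 11 - (total % 11)
    if check == 11:
        check = 0
    if check == 10:          # such numbers are never issued
        return False
    return check == digits[9]


def find_identifiers(text: str) -> list:
    """Return the list of reasons (one per identifier type) found in text."""
    reasons = []
    for reason, pattern in _PATTERNS:
        for match in pattern.finditer(text):
            if reason == "nhs number detected" and not nhs_number_valid(match.group()):
                continue
            reasons.append(reason)
            break   # one reason per type is enough; the content is never logged
    return reasons


def guardrail(message: str) -> dict:
    """Decide whether a message may be forwarded to the model."""
    reasons = find_identifiers(message)
    return {"allowed": not reasons, "reasons": reasons}


def region_allowed(region: str) -> bool:
    return region in AI_REGION_ALLOW_LIST


def safety_log_entry(reasons: list, model: str = "assumed-model", region: str = "uk-london") -> dict:
    """The record kept when a message is blocked: why, when, where; never the text."""
    return {
        "blocked": True,
        "reasons": list(reasons),
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "model": model,
        "region": region,
    }


def audit_hash(text: str, key: bytes) -> str:
    """Keyed hash (HMAC-SHA256) of a message or reply for the audit trail.
    A key held only server-side means a stored hash cannot be matched against
    a dictionary of likely short messages, unlike a plain unkeyed SHA-256."""
    return hmac.new(key, text.encode("utf-8"), hashlib.sha256).hexdigest()


if __name__ == "__main__":
    for msg in ["My client from L1 0AH said",                 # constructed samples
                "Reflecting on a session where I felt stuck with boundaries"]:
        verdict = guardrail(msg)
        print(verdict if verdict["allowed"] else safety_log_entry(verdict["reasons"]))
```

The NHS check digit is worth the extra lines: without it every ten-digit number in a reflection would be blocked, and users learn to work around a guardrail that fires too often.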
7. Service providers and other recipients
We do not sell your data.
Processors acting on our instructions:
- Supabase — hosting, authentication, database, server functions. UK (London) region. Data Processing Agreement in place; Transfer Impact Assessment on file.
- Cloudflare — secure tunnel carrying AI requests to UK AI hardware. Content is handled in transit; Cloudflare's connection logs/metadata are covered by its DPA (EU SCCs + UK Addendum).
- Brevo — transactional email (password resets, account and service emails). EU data centres; DPA incorporated into Brevo's terms of service.
- RevenueCat (when the mobile apps launch) — subscription infrastructure for in-app purchases. Not yet in use — its data handling will be added here before mobile launch.
Independent controllers and platform operators (they decide how they use certain data under their own terms and privacy policies — we cannot control that processing):
- Stripe — processes web card payments on our behalf under the Stripe DPA (EU SCCs + UK International Data Transfer Addendum), and additionally acts as an independent controller for payment data it must process for fraud prevention, tax and its own regulatory compliance.
- Apple / Google (when the mobile apps launch) — app-store platform operators: your store account, in-app purchases, refunds, tax and fraud checks are handled by Apple or Google as independent controllers under their own terms and privacy policies.
The AI Reflection Assistant runs on Hear4U-controlled, UK-hosted hardware; we do not use third-party managed AI services (such as external AI APIs) to process your reflection content. AI requests travel encrypted through Cloudflare's network in transit. If this ever changes, this section will be updated before the change takes effect.
8. International transfers
Your core records stay in the UK. Some payment processors (e.g. Stripe) may process limited data outside the UK. Where they do, the transfer is protected by appropriate safeguards (UK adequacy regulations and/or the UK International Data Transfer Addendum to the EU Standard Contractual Clauses). These are in place via each processor's Data Processing Agreement — see the list of processors and other recipients in section 7.
9. How long we keep your data
We keep your records for as long as your account is active, so that your CPD and supervision history remains available to you.
Account deletion. You may delete your account in the app (Profile → Data rights). You may also request account deletion outside the app at https://www.hear4ucounselling.com/cpd-delete-account. When we delete your account, we delete or anonymise the personal data associated with it, except where we must retain limited records for legal, accounting, fraud-prevention, security, dispute or regulatory reasons, as set out below.
Retention periods:
- App content (CPD records, supervision records, notes, community posts, profile) — until you delete it or your account; erased on account deletion.
- AI audit metadata and hashes — while your account is active; erased on account deletion.
- Account and security logs — up to 12 months.
- Database backups — deleted data leaves our backup cycle within 35 days of deletion.
- Invoices and payment records — 6 years plus the current year (UK tax and accounting law).
- Support correspondence — up to 24 months after the query is resolved.
- Deletion records (minimal, non-identifying: date and record counts, kept to prove erasure) — 6 years.
Inactive accounts: if you do not sign in for 24 months, we will email a reminder to the address on your account. If your account stays inactive after that, we will delete it and erase its records as above.
10. Your rights
Under UK GDPR you have the right to: access your data; correct it; erase it; restrict or object to processing; data portability; and to withdraw consent at any time. Many of these you can exercise in-app (edit your profile, delete entries, or delete your account). To make any other request, contact us at hear4ucounselling@outlook.com. We will respond within one month.
You also have the right to complain to the Information Commissioner's Office (ICO): ico.org.uk, helpline 0303 123 1113. We'd appreciate the chance to resolve your concern first.
11. How we protect your data
- Encryption in transit (HTTPS) and a UK-hosted database.
- Two-factor authentication (TOTP) and automatic session lock after inactivity.
- Row-level security so users can only access their own records.
- Private notes stored as ciphertext.
- AI conversation content stored only as non-reversible hashes.
- Planned: Cyber Essentials certification and an independent security review of our access controls.
12. Children
The app is for professional adults (18+). We do not knowingly collect data from children.
13. Changes to this policy
We may update this policy. Material changes will be notified in-app. This version: v1.1, 26 June 2026.
14. Contact
hear4ucounselling@outlook.com · Hear4U Counselling Ltd · Level One, Basecamp Liverpool, 49 Jamaica Street, Liverpool, L1 0AH
