Your Privacy Matters — How We Use & Protect Your Information

At Mental Health Works, we take your privacy and data protection seriously. We’re committed to handling your personal information with transparency, security, and respect — in full compliance with GDPR and UK data protection laws.

Privacy Policy

Last updated: January, 2026

At Mental Health Works, your privacy is of utmost importance. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data across the United Kingdom (UK), European Union (EU), and United States (US) in compliance with the UK GDPR, EU GDPR, CCPA/CPRA (California), and applicable US privacy laws.

1. Who We Are

Mental Health Works Ltd.

Company Registration Number: 10575121

Registered Address: 66 Prescot Street, London, United Kingdom, E1 8NN

Email: info@noelmcdermott.net
Phone: +44 (0)7506 319745

We are the data controller for the personal data we collect.

2. Information We Collect

We may collect and process the following types of personal data:


  • Contact Information (name, email address, phone number)
  • Health/Clinical Information (where voluntarily submitted)
  • Demographic Information (age, gender, location)
  • Technical Data (IP address, browser type, device ID, pages visited)
  • Marketing Preferences
  • Cookies and Usage Data


Special category data such as health information is only collected and processed with your explicit conse

3. How We Use Your Data

We use personal data to:


  • Provide therapeutic, clinical, and consultation services
  • Respond to inquiries and manage appointments
  • Administer billing, invoicing, and communication
  • Improve website functionality and analytics
  • Send marketing emails or newsletters (if consented)
  • Comply with legal, regulatory, and safeguarding obligations

4. Legal Bases for Processing UK– EU – GDPR

We rely on the following legal bases:


  • Consent (Article 6(1)(a)) — for marketing, clinical intake, or processing special category data
  • Contractual necessity (Article 6(1)(b)) — to provide services
  • Legal obligation (Article 6(1)(c)) — safeguarding, accounting
  • Legitimate interests (Article 6(1)(f)) — to improve services and ensure security

5. CCPA–CPRA Compliance – California, USA

If you are a resident of California, you have the right to:

  • Know what personal data we collect and why
  • Access and request copies of your data
  • Request deletion of personal information
  • Opt out of the sale or sharing of personal data (we do not sell personal data)
  • Correct inaccurate personal data


You can submit requests via: info@noelmcdermott.net
We will verify your identity before acting on your request.

6. HIPAA Compliance USA – if applicable

If we process protected health information (PHI) in the US:

  • We comply with the Health Insurance Portability and Accountability Act (HIPAA)
  • We ensure secure handling of all PHI
  • We sign Business Associate Agreements (BAAs) with third-party providers

7. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Ensure website functionality
  • Analyze traffic (e.g., Google Analytics)
  • Remember user preferences
  • Serve relevant content and advertising (where applicable)

Manage your preferences via our cookie banner or browser settings.

8. Data Sharing and International Transfers

We may share your data with:

  • Trusted third-party service providers (e.g., email, CRM, hosting)
  • Clinicians or administrative partners under confidentiality agreements
  • Legal authorities when required by law (e.g., safeguarding)



If your data is transferred outside the UK/EU (e.g., to the US), we ensure:

  • Standard Contractual Clauses (SCCs) are in place
  • Or a relevant adequacy decision exists

9. Data Retention

We retain your data:

  • Client/clinical records: 7 years after last contact
  • Marketing contacts: Until you opt out
  • Website usage data: Aggregated/anonymised after 24 months

10. Your Rights

Depending on your location, you may have the right to:

  • Access, correct, delete your personal data
  • Restrict or object to data processing
  • Withdraw consent at any time
  • Data portability
  • Lodge a complaint with a data protection authority



UK/EU:


US:

  • State Attorney General (based on your state of residence)

11. Children’s Data

We do not knowingly collect data from individuals under 18 without verified parental/guardian consent.

12. Security Measures

  • SSL/HTTPS encryption across all platforms
  • Access restricted to authorized personnel only
  • Encrypted data storage and password-protected systems
  • Regular security audits and staff training

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting an updated notice on our website
  • Contacting you via email (if required)

14. Contact Us

If you have any questions about this policy or how your data is handled, please contact:

Email: info@noelmcdermott.net
Phone: +44 (0)7506 319745
Mail: 66 Prescot Street, London, United Kingdom, E1 8NN

Let’s Talk About
Your Well‑Being

Holographic Crystal Flower
Reaching out is the first step toward feeling better. Schedule a free, no-obligation
consultation today to find the right path forward.
Start Today – Take the First Step