Privacy Policy (GDPR)

Sono-Qui: I Am Here Therapy**

 

Last updated: December 2025

 

1. Introduction

Welcome to Sono-Qui: I Am Here Therapy (“we”, “our”, “us”).
We provide online talking therapy services to clients located in Sweden and the European Union.

Protecting your personal data is essential to us. This Privacy Policy explains:

• what data we collect,
• why we collect it,
• how it is used,
• how it is protected, and
• your rights under the General Data Protection Regulation (GDPR).

By using our website or therapy services, you consent to this policy.

 

2. Data Controller

Sono-Qui: I Am Here Therapy
Email: iamheretherapy@gmail.com
Website: www.sono-qui.be

Location: Halmstad, Sweden

If you have any questions about this policy or your data, please contact us.

 

3. What Personal Data We Collect

We only collect the minimum amount of information required to provide safe and professional therapy services.

3.1. Data you provide voluntarily

• Name
• Contact information (email address, phone number if provided)
• Information shared in your inquiry or contact form
• Information shared during therapy sessions
• Payment information (payment confirmations, invoices)

3.2. Special Category Data (Sensitive Data)

Because we provide therapy, we may process sensitive information such as:

• mental health information
• emotional well-being
• personal history
• information shared during therapy sessions

We only process this information with your explicit consent and solely for the purpose of delivering therapy.

3.3. Automatically collected data (website)

• IP address
• Browser type
• Cookies and analytical data (if applicable)

You will be informed and able to consent to cookies when visiting the website.

 

4. Legal Basis for Processing

Under GDPR, we process personal data based on the following legal grounds:

4.1. Contractual necessity

To provide therapy services, including:

• booking sessions
• communicating with you
• delivering online therapy
• maintaining records required for professional practice

4.2. Explicit consent

Required for:

• processing sensitive mental health information
• storing therapy notes
• sending optional information, resources, or updates

You may withdraw your consent at any time.

4.3. Legal obligation

We may need to retain certain records for:

• accounting
• tax compliance
• professional insurance requirements

4.4. Legitimate interest

Used for operating and improving the website, ensuring security, or preventing fraud.

 

5. How We Use Your Data

We use your data only for purposes directly connected to providing therapy, such as:

• booking and managing therapy sessions
• communicating with you
• conducting therapy safely and professionally
• keeping confidential therapeutic notes
• issuing invoices/receipts
• complying with laws and ethical requirements

We never use your data for advertising.

 

6. How Therapy Notes Are Handled

Therapy notes and client information are stored securely and confidentially.
They are kept separate from payment or administrative records.

Notes are:

• encrypted or stored in secure, access-restricted systems
• never shared unless legally required
• retained only as long as necessary for professional or legal obligations

 

7. Data Sharing

We do not share, sell, or distribute your data to third parties except in the following circumstances:

7.1. With your explicit consent

If you request a referral letter or want information shared with another provider.

7.2. Legal requirement

If required by law or if there is a risk of serious harm to yourself or others.
In such cases, disclosure is limited to what is strictly necessary.

7.3. Service providers

We may use secure third-party services for:

• video conferencing
• website hosting
• payment processing

All service providers comply with GDPR.

 

8. International Transfers

Where possible, we choose EU-based service providers.
If any data is transferred outside the EU (e.g. through cloud providers), it is done in compliance with GDPR using:

• adequacy decisions
• Standard Contractual Clauses (SCCs)
• equivalent safeguards

 

9. Data Retention

We keep your personal data only for as long as necessary:

• Therapy notes: typically 5–10 years (depending on national professional requirements)
• Contact information: as long as we work together or as legally required
• Financial records: minimum 7 years (tax law)
• Emails: up to 2 years, unless needed for legitimate reasons

When data is no longer needed, it is securely deleted.

 

10. Your Rights Under GDPR

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion (“right to be forgotten”)
• Restrict processing
• Object to certain uses
• Withdraw consent at any time
• Data portability
• Lodge a complaint with your national Data Protection Authority (e.g. Integritetsskyddsmyndigheten in Sweden)

To exercise any rights, contact us at iamheretherapy@gmail.com

 

11. Data Security

We implement strong technical and organisational measures, including:

• encrypted data storage
• secure passwords and authentication
• GDPR-compliant hosting providers
• access control (only the therapist can access client files)
• secure video-conferencing tools
• regular backups

Despite all precautions, no system can be guaranteed 100% secure.

 

12. Online Sessions

Online sessions are conducted using secure, encrypted video-conferencing tools.
Clients are advised to:

• use private Wi-Fi
• ensure their device is updated
• choose a private, confidential environment

 

13. Cookies (Website)

Our website may use cookies to:

• improve user experience
• analyze site traffic

You can disable cookies in your browser at any time.

 

14. Changes to This Policy

We may update this Privacy Policy occasionally.
All changes will be posted on this page with an updated revision date.

 

15. Contact

For any questions or GDPR-related requests:

Sono-Qui: I Am Here Therapy
Email: iamheretherapy@gmail.com
Website: www.sono-qui.be