top of page

Privacy Policy – Inner Revolution

Last updated: 1st December 2025

​

Inner Revolution (“I”, “me”, or “my”) is committed to protecting and respecting your privacy. This policy explains how I collect, use, store, and protect your personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

This policy applies to visitors of my website and current, former, and prospective clients. 

​

By using my site or services you confirm you are 18 or over and you have read this Policy.

​

1. Who I am

​Inner Revolution is a private therapy practice operated by a sole trader:

​

Name: Emma Sharp-Lau
Practice Name: Inner Revolution
Email: emma@innerrevolution.co.uk
Phone: 07506 969 054
Registered Address: 101B The Studios, Mansell Road, Wellington, Telford, Shropshire TF1 1QQ

​

I am the Data Controller for all personal data collected through this website and during the course of therapy.

​

2. The personal data I collect​

I may collect and process the following data:

​

a) Through the website:

  • Your name

  • Email address

  • Phone number

  • Any information you share in contact forms or emails

​

b) When you become a client:

  • Date of birth

  • Emergency contact details

  • GP details

  • Relevant medical/mental health history

  • Session notes (therapy records)

  • Appointment and payment information

​

I only collect information that is relevant and necessary for providing therapy services.

​

3. How I use your personal data

​Your data is used to:

​

  • Respond to enquiries

  • Arrange and manage appointments

  • Provide therapy services

  • Keep session records

  • Process payments

  • Meet legal and professional obligations

  • Communicate important information about your therapy

​

Your data will never be sold or used for marketing purposes.

​

4. Lawful basis for processing

​Under UK GDPR, I use the following legal bases:

​

  • Consent – When you contact me or agree to begin therapy

  • Contract – To deliver therapy services

  • Legal obligation – For tax and professional requirements

  • Vital interests – If there is serious risk of harm

  • Legitimate interests – To run my practice safely and effectively

​

For sensitive health information, I rely on explicit consent.

​

5. How your data is stored​

​I store data securely in the following ways:

​

  • Electronic records are password-protected and encrypted

  • Paper notes are stored in a locked cabinet

  • Devices are protected by antivirus software and secure passwords

​

I only keep your data for as long as required by law and professional guidance:

​

Therapy records: 7 years after our last session (or until age 25 for minors)
Enquiries: Up to 12 months if they do not progress to therapy

​

After this time, your data will be securely deleted or destroyed.

​

6. Confidentiality and disclosure

​​Everything you share is treated as strictly confidential. However, confidentiality may be broken if:

​

  • You are at serious risk of harm to yourself or others

  • A child or vulnerable adult is at risk

  • I am required by law to disclose information (e.g. court order)

​

Wherever possible, I will try to discuss any disclosure with you first.

​

7. Sharing your data

​Your data may be shared with:​

​

  • A clinical supervisor (anonymously)

  • GP or other professionals (only with your consent)

  • Emergency services (if necessary for safety)

  • HMRC for tax purposes (financial records only)

​

I only share the minimum necessary information.

​

8. Cookies & website data

​My website may use essential cookies to improve functionality and performance.

​

You may see a cookie banner allowing you to accept or manage preferences. You can also disable cookies through your browser settings.

​

9. Your rights under UK GDPR

​You have the right to:

​

  • Access your personal data

  • Request corrections

  • Request deletion (where legally possible)

  • Restrict processing

  • Object to processing

  • Request data portability

  • Withdraw consent at any time

​

To exercise your rights, please contact: emma@innerrevolution.co.uk

​

If you are unhappy with how your data is handled, you may complain to:

Information Commissioner’s Office (ICO)
Website: https://ico.org.uk

​

10. Third-party services (if used)

​If applicable, I may use secure third-party platforms such as:

​

  • Online video platforms (e.g. Zoom, Google Meet)

  • Payment processors (e.g. Stripe, PayPal)

  • Online booking systems

​

These providers are UK GDPR compliant and only process data necessary for their function.

​

11. Changes to this policy

​I may update this policy from time to time. The latest version will always be displayed on my website.

bottom of page