Personal Data We Collect

We may collect personal data where you:

• Submit an enquiry through our website

• Apply for a role

• Contact us by email

• Engage with us regarding partnership opportunities

The information collected may include:

• Name

• Email address

• Telephone number

• Professional information

• Information voluntarily included in enquiry forms

• Technical data such as IP address and browser information

Please do not submit detailed clinical or medical information through general website contact forms.

Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

• Legitimate interests (responding to enquiries and operating our services)

• Contractual necessity (where engaging in services or recruitment processes)

• Legal obligation

• Consent (where applicable)

Where consent is relied upon, you may withdraw consent at any time.

How We Use Personal Data

We may use personal data to:

• Respond to enquiries

• Communicate regarding services

• Manage recruitment or partnership discussions

• Improve website functionality and performance

• Comply with legal or regulatory obligations

We do not sell personal data.

Clinical Data

Where you engage with Mendreo for clinical services, additional data processing may apply.

Clinical information is handled confidentially and in accordance with professional, ethical and regulatory standards governing healthcare provision.

Separate clinical privacy notices may apply to therapy clients.

Data Sharing

We may share personal data with:

• Professional advisers

• IT and hosting providers (including Squarespace)

• Service providers supporting website functionality

• Regulatory or legal authorities where required

All third parties are required to process data securely and in compliance with applicable data protection laws.

Data Security

We implement appropriate technical and organisational safeguards designed to protect personal data from unauthorised access, misuse, loss or alteration.

However, no internet-based transmission can be guaranteed to be fully secure.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal and regulatory obligations.

Retention periods may vary depending on the nature of the enquiry or engagement.

International Transfers

Where personal data is processed outside Ireland or the United Kingdom, appropriate safeguards are implemented in accordance with applicable data protection law.

Your Rights

Subject to applicable law, you may have the right to:

• Request access to your personal data

• Request correction of inaccurate information

• Request erasure of personal data

• Restrict or object to processing

• Request data portability

• Lodge a complaint with a supervisory authority

In Ireland: Data Protection Commission

In the United Kingdom: Information Commissioner’s Office (ICO)

Requests regarding personal data should be directed to: