Privacy

Privacy Policy

Last updated: 12 July 2026

Reaching out about therapy means sharing something personal. Here's exactly how your information is handled — in plain terms.

Who is responsible for your data

Ryan Maguire, trading as Ryan Maguire Counselling Services, is the data controller for the personal data collected through this website. Any questions about how your data is used can be sent to Ryan.maguire.cs@gmail.com.

What data is collected

When you use the contact form, the following is collected:

  • Your name and email address
  • Your preferred session format
  • Anything you choose to write about what brings you to therapy
  • Your confirmation that you consent to this being processed

The optional message field can include what's known as "special category data" under UK GDPR — details relating to your mental or physical health. This is only collected if you choose to include it, and only with your explicit consent, given via the checkbox on the contact form.

This site does not use cookies, analytics, or any tracking technology, so no cookie consent banner is needed.

Why this data is collected and the legal basis

DataPurposeLegal basis
Name, email, preferred formatTo respond to your enquiry and arrange a consultationConsent (UK GDPR Art. 6(1)(a))
Message about what brings you hereTo understand your situation ahead of a first conversationExplicit consent (UK GDPR Art. 9(2)(a)), given health-related content

Who this data is shared with

Contact form submissions are sent directly by email to Ryan Maguire's own inbox using a small piece of server-side code (a serverless function) running in London, UK. No third-party form-processing company is used and no submission is stored on any server, database, or dashboard — the data exists only as the email itself, in the same way as if you had emailed Ryan directly. No data is sold, and no data is shared with anyone else, except where required by law or in a genuine safeguarding emergency.

How long data is kept

Enquiry details are kept only as long as needed to respond to you and, if you become a client, as part of your clinical record in line with professional (BACP) record-keeping guidance — typically no longer than 7 years after the end of therapeutic work. If you enquire but don't go on to become a client, your message is deleted after 12 months.

Your rights

Under UK GDPR, you can ask to:

  • See a copy of the personal data held about you
  • Have inaccurate data corrected
  • Have your data deleted, where there's no overriding legal or clinical reason to keep it
  • Withdraw consent at any time — this won't affect anything already sent, but stops any further processing based on that consent

To exercise any of these, email Ryan.maguire.cs@gmail.com. Requests are normally responded to within one month.

If you're unhappy with how your data has been handled, you have the right to complain to the UK's data protection regulator, the Information Commissioner's Office (ICO), at ico.org.uk.

Security

This website contains no database and stores no data itself — enquiries are transmitted securely (HTTPS) directly to a private inbox. Reasonable technical and organisational measures are used to protect any information you share, in line with the UK GDPR's security requirements.

Changes to this policy

This policy may be updated from time to time to reflect changes in practice or law. The date at the top shows when it was last revised.

Back to the main site