GDPR Policy

General Data Protection Regulation (GDPR) Compliance Statement
Effective Date: July 2025

Heart & Mind Insights respects your privacy and is committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR). This policy outlines how we collect, use, store, and protect your information when you use our services or visit our website.


1. Data Controller

The data controller for this website is:
Heart & Mind Insights, LLC
Email: cheryl@heartmindinsights.com
Phone: (202) 964-0490


2. What Personal Data We Collect

We may collect and process the following types of personal data:

  • Full name

  • Email address

  • Phone number

  • IP address and browsing behavior (via cookies)

  • Voluntary information submitted via forms (e.g., messages, service inquiries)

We do not collect sensitive health data unless you voluntarily share it when contacting us.


3. Purpose and Legal Basis for Processing

We collect and use your data under the following lawful bases:

  • Consent – When you fill out a form or request a consultation

  • Contractual Necessity – To provide therapy or related services you’ve requested

  • Legitimate Interest – To improve our website and services

You may withdraw your consent at any time by contacting us.


4. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, accounting, or reporting obligations.


5. Your GDPR Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request correction or deletion of your data

  • Object to or restrict processing

  • Request data portability

  • Withdraw consent at any time

To exercise any of these rights, please contact us at cheryl@heartmindinsights.com.


6. Data Sharing and Transfers

We do not sell or rent your personal information. Any third-party platforms used (e.g., telehealth services, scheduling tools) are GDPR-compliant and only process data on our behalf under strict privacy terms.

Your data is stored securely and may be processed outside of the EU, but always with adequate safeguards.


7. Security Measures

We use appropriate technical and organizational measures—including encryption, secure hosting, and access restrictions—to keep your personal data safe and secure.


8. Use of Cookies

Our website may use cookies to enhance your browsing experience. You can adjust your cookie preferences through your browser settings at any time.


9. Changes to This Policy

We may update this policy occasionally to reflect changes in law or our practices. Updates will be posted on this page.
