Privacy Policy
This Privacy Policy explains how and why CuraMind collects, uses, and shares personal information when you interact with or use our Site or Service. It also includes any information CuraMind collects offline in connection with the Service, which we may combine with information from the Site and Service. By reading this Privacy Policy, you will understand your privacy rights and choices.
When we say “CuraMind”, we mean Cura Tech Therapy Limited. When we say “Site”, we mean https://curamind.uk/ and when we say “Service”, we mean the Site plus any websites, features, applications, widgets or online services owned or controlled by CuraMind and that post a link to this Privacy Policy.
As part of the Service, CuraMind provides a matching service which results in platform information pertaining to different parties to an interaction. Users of the Service may be Clients or Therapists (Practitioners) or Site Visitors. This Privacy Policy applies to CuraMind’s processing of personal information of Users where CuraMind determines the purposes and means of processing. It does not apply to processing of information by users themselves, who may be controllers of the personal information they access through the Service. For information about how Users process your personal information, please contact them directly.
Accessibility: This Privacy Policy uses industry-standard technologies and was developed in connection with the World Wide Web Consortium's Web Content Accessibility Guidelines, version 2.1. If you wish to print this policy, please do so from your web browser or by saving the page as a PDF.
1. Information Collection
a. Information You Provide to Us
When you use the Service, you may provide us with information about you. This may include your name and contact information, financial information to make or receive payment for services obtained through the CuraMind platform, or information to help us fill out tax forms. When you use the Service, we may also collect information related to your use of the Service and aggregate this with information about other users. This helps us improve our Services for you. You may also provide us with information about your contacts or friends if, for example, you’d like to add those contacts to a message room.
Depending upon our relationship with you, we may collect the following categories and types of personal information from and about you:
i. Identifiers
Examples of Personal Information Collected: Name, Date of Birth, Social Media Account Information, Profile Data, IP Address
Categories of Sources of Personal Information: Directly from You or Your use of the Service; Cookies and Other Tracking Technologies; Third Parties (such as affiliates, agents, service providers and other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Identification, Communications, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
ii. Contact / Account Profile Information
Examples of Personal Information Collected: Email Address, Home Address, Billing Address, Phone Number
Categories of Sources of Personal Information: Directly from You or Your use of the Service, Third Parties (such as affiliates, agents, service providers and other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Identification, Communicating with You, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
iii. Sensitive Personal Information / Government Issued Identification Numbers
Examples of Personal Information Collected: Social Security Number, Driver’s License, State Identification or Passport Number, VAT Identification Number, Tax Identification Number, Immigration Status, Citizenship Information
Categories of Sources of Personal Information: Directly from you
Business Purpose for Collection of Personal Information: Improving and Providing the Service, Verifying Your Identity and Detecting Fraud, Identity Theft, or Other Misuse of Your Account, Legal, Compliance and Regulatory Obligations
iv. Commercial Information
Examples of Personal Information Collected: Transaction Data including services offered, considered, or purchased
Categories of Sources of Personal Information: Directly from You or Your use of the Service; Third Parties (such as affiliates, agents, service providers and other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Identification, Communications, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
v. Financial Data/Payment Information
Examples of Personal Information Collected: Credit card or other financial account information
Categories of Sources of Personal Information: Directly from You or Your use of the Service; Third Parties (such as affiliates, agents, service providers and other users)
Business Purpose for Collection of Personal Information: Improving and Providing the Service, Identification, Communications, Security, Legal, Compliance and Regulatory Obligations
vi. Internet or Other Network or Device Activities Including Information from Cookies
Examples of Personal Information Collected: Unique device and app identifiers, browsing history or other usage data, the browser and operating system you are using, the URL or advertisement that referred you to the Service, the search terms you entered into a search engine that led you to the Service, areas within the Service that you visited, which links you clicked on, which pages or content you viewed and for how long, other similar information and statistics about your interactions, such as content response times, download errors and length of visits to certain pages and other information commonly shared when browsers communicate with websites
Categories of Sources of Personal Information: Directly from You or Your use of the Service; Cookies and Other Tracking Technologies; Third Parties (such as affiliates, agents, service providers and other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Identification, Communications, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
vii. Approximate Geolocation Information
Examples of Personal Information Collected: Your approximate location
Categories of Sources of Personal Information: Directly from You or Your use of the Service; Cookies and Other Tracking Technologies; Third Parties (such as affiliates, agents, service providers and other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Identification, Communications, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
viii. Approximate Geolocation Information
Examples of Personal Information Collected: Communication Information (e.g. your name, contact information, and, with your consent, the contents of any messages you send)
Categories of Sources of Personal Information: Communication Information (e.g. your name, contact information, and, with your consent, the contents of any messages you send)
Business Purpose for Collection of Personal Information: Developing, Providing and Improving the Service, Security, Legal, Compliance and Regulatory Obligations.
ix. Professional Information
Examples of Personal Information Collected: Previous place(s) of employment, position(s), work history, earnings, resume
Categories of Sources of Personal Information: Directly from You or Your use of the Service, Service Providers, Third Parties (such as other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
x. Other Information that Identifies or Can Be Reasonably Associated with You
Examples of Personal Information Collected: User-generated content (e.g. community posts, feedback, ratings and job postings), photographs, examples of your work, information on work previously performed via the Service and outside the Service, skills, tests taken, test scores, hourly pay rates and earnings information
Categories of Sources of Personal Information: Directly from You or Your use of the Service, Service Providers, Third Parties (such as affiliates, agents, and other users)
Business Purpose for Collection of Personal Information: Developing, Improving, and Providing the Service, Identification, Communications, Marketing, Analytics, Security, Legal, Compliance and Regulatory Obligations
b. Non-Identifying Information and De-Identified Information
- Non-Identifying Information/Usernames: We also may collect other information that does not identify you directly, such as post codes, demographic data, information about your use of the Service, and general project-related data (“Non-Identifying Information”). We may combine information collected from CuraMind users, whether they are registered or not (“CuraMind Users”). In some cases, we may render Personal Information (generally, email address) into a form of Non-Identifying Information referred to in this Privacy Policy as “Hashed Information”. This is typically accomplished using a mathematical process (commonly known as a hash function) to convert information into a code. While the code does not identify you directly, it may be used by CuraMind’s partners to connect your activity and interests.
- Combination of Personal and Non-Identifying Information: We may combine your Personal Information with Non-Identifying Information, but CuraMind will treat the combined information as Personal Information.
- De-Identified Information: We may also de-identify or aggregate information and convert it into non-personal information so that it can no longer reasonably be used to identify you (“De-Identified Information”). We may use De-Identified Information for any of the purposes described in the “We Use Information We Collect” section below. We will maintain and use De-Identified Information in de-identified form and will not attempt to reidentify the information, except to confirm our de-identification processes or unless required by law.
c. Information Collected Automatically
Like other online companies, we receive technical information when you use our Services. We use these technologies to analyse how people use the Service, to improve how our Site functions, to save your log-in information for future session.
CuraMind and its partners use cookies or similar technologies to analyse trends, administer the website, track users’ movement around the website, the desktop app, the mobile app and to gather demographic information about our user base as a whole. The technology used to collect information automatically from CuraMind Users may include cookies, web beacons and embedded scripts. In addition, we and our marketing partners, affiliates, analytics and service providers may use a variety of other technologies (such as tags) that collect similar information for security and fraud detection purposes, and we may use third parties to perform these services on our behalf.
For further information on cookies and how they are used for the Service, please visit our Cookie Policy.
d. Work Diaries and Work View
With your permission, you are able to sync your Microsoft and/or Google calendar to our Services. Once connected, CuraMind will send your calendar information about any upcoming events booked through our Services. CuraMind will also receive information from your calendar provider. This information will allow us to show the most up-to-date availability information and provide more effective services. This feature can be opted-out from if requested. Please use the ‘Contact Us’ information below.
e. Children
The Service is general audience and intended for users 18 and older. We do not knowingly collect Personal Information from anyone younger than age 18. If we become aware that a child younger than 18 has provided us with Personal Information, we will use commercially reasonable efforts to delete such information from our files. If you are the parent or legal guardian of a child younger than age 18 and believe that CuraMind has collected Personal Information from your child, please contact us at: info@curamind.uk
2. Use of Information
We use information collected through the Service to provide and improve the Service, develop new Services and products, process your requests, prevent fraud, provide you with information and advertising that may interest you, comply with the law, and as otherwise permitted with your consent.
a. We Use Information We Collect:
- To provide and improve the Service, complete your transactions, address your inquiries, process your registration, verify the information you provide is valid, for compliance and internal business purposes.
- To contact you with administrative communications and CuraMind newsletters, marketing or promotional materials (on behalf of CuraMind or third parties) and other information that may be of interest to you. If you decide at any time that you no longer wish to receive such communications from us, contact us using the ‘Contact Us’ section below.
- To administer and develop our business relationship with you and, if applicable, the corporation or other legal entity you represent.
- To enforce and comply with the law, including to conduct an investigation, to protect the property and rights of CuraMind or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or legally actionable activity.
- For the purposes disclosed at the time you provide your information, with your consent, and as further described in this Privacy Policy.
- For Our Legitimate Interests. In many cases, we handle Personal Information on the grounds that it furthers our legitimate interests in commercial activities, such as the following, in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:
- Providing our Site and Service.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity and prosecuting those responsible for that activity.
- Measuring interest and engagement in our Services.
- Improving, upgrading or enhancing our Services.
- Developing new products and services.
- Ensuring internal quality control and safety.
- Debugging to identify and repair errors with our Services.
- Auditing relating to interactions, and other compliance activities.
- Enforcing our agreements and policies.
- Analysing and improving our business.
- Communications, including marketing and responding to your inquiries about our services.
- Addressing information security needs and protecting our Users, CuraMind, and others.
- Managing legal issues.
3. Data Retention
Unless you request that we delete certain information (please see YOUR CHOICES AND RIGHTS below), we will only retain your personal information for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements, as well as ongoing fraud prevention, backup, and business continuity purposes.
4. Information Sharing and Disclosure
We do not sell your Personal Information for monetary consideration, and we do not share your Personal Information with third parties for those third parties’ marketing purposes. However, we may use technologies on our Site for the purposes of advertising or marketing to you and understanding how you interact with our ads. This may be considered a “sale” or “sharing” of personal information for targeted advertising under applicable data protection laws. We may also share information we have collected about you, including Personal Information, as disclosed at the time you provide your information, with your consent, as otherwise described in this Privacy Policy, or for the following business or commercial purposes:
a. CuraMind Therapists
"For CuraMind therapists, we may share some of your information with prospective CuraMind Clients to facilitate the most ideal match, including, but not limited to: costing, modality, years of experience. Your information may also be shared with our other use technologies for the purposes of advertising or marketing.
For CuraMind therapists, we may also share your information with our Third-Party payment processing partner ‘Stripe’. This is so that all billing and payouts are structured and secured. Ensuring our Services are kept to high standards. This information is kept by Stripe and is secured based on their Privacy Policy. You can find this policy on their website."
b. CuraMind Clients
We may share some of your Personal Information with prospective therapists to ensure to the most compatible matches. The information CuraMind therapists may see is including but not limited to: age, gender, therapy requirements.
Less sensitive information may also be collected and used for other purposes such as advertising and marketing. This will be done with your consent only.
Our Third-Party payment processing partner may also have access to some of your information relating to your session payments. This information is kept by Stripe and is secured based on their Privacy Policy. You can find this policy on their website.
c. Stripe (Billing, Session Payments and Payouts)
We have partnered with a Third-Party called Stripe.
Stipe will save your information in a ‘Stripe Account’ if you are a CuraMind Therapist. This information is stored and secured according to Stripe’s privacy policy. We do not take responsibility for this information. For more information on how Stripe holds your data secure, please go to Stripe and read their privacy policy.
As a client of CuraMind, you will use Stripe to make the payments for your sessions. Stripe will charge your account and you will have the option to save your payment details if you so wish. CuraMind does not process your payments in any way. Your payments will be subject to Stripe’s privacy policy and terms of service. To find out more about their privacy policy and terms of service please go onto their website.
d. Use of Google Services
Our application integrates with various Google services, including Google Calendar, Google Maps, and Google Analytics, to provide enhanced functionality and a better user experience.
Data Collection and Use:
We may collect, or process on behalf of our customers, the following categories of personal data when you use or interact with our products and services:
Google Calendar: We use Google Calendar to facilitate scheduling and meeting management. When you connect your Google Calendar to our application, we may access your calendar data to create, manage, and display meeting links and appointments within our application. The data we collect from your Google Calendar is used solely for the purpose of providing the scheduling services you requested.
Google Maps: We use Google Maps to provide location-based services such as appointment locations and directions. When you use our application to find or navigate to a location, we may collect your location data to provide accurate directions and location-based services.
Google Analytics: We use Google Analytics to collect and track data about how our application is used. This includes information about your interactions with our application, such as pages visited and features used, which helps us improve the user journey and overall experience. The data collected by Google Analytics is used solely for analytical purposes to enhance our services.
Data Sharing and Disclosure
We will not sell your data to third parties. However, we may share your data with third parties who help us provide our services, including:
Google: We may share certain data with Google services as necessary to facilitate the functions provided by Google Calendar, Google Maps, and Google Analytics. For example, we may share your location data with Google Maps to provide you with accurate directions. Google’s use of this data is governed by their own privacy policies.
We also use Google reCAPTCHA Enterprise to help prevent spam and abuse. reCAPTCHA Enterprise collects hardware and software information, such as device and application data, and sends it to Google for purposes of providing, maintaining, and improving reCAPTCHA Enterprise and for general security purposes. This information is not used by Google for personalised advertising. Your use of reCAPTCHA Enterprise is subject to Google’s Privacy Policy (https://policies.google.com/privacy) and Terms of Use (https://policies.google.com/terms).
Opt-Out Options
You may opt-out of Google Analytics’ services by using the Opt-Out feature on their website. To do so, you can install the Google Analytics Opt-out Browser tool available at (https://tools.google.com/dlpage/gaoptout). For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page at (https://policies.google.com/privacy).
e. Legal and Investigative Purposes
"CuraMind will share information with government agencies as required by law including (without limitation) in response to lawful requests by public authorities to meet national security or law enforcement requirements and in connection with reporting earnings. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law.
We will disclose information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), or, at the request of governmental authorities or other third parties conducting an investigation where we determine in our sole discretion the disclosure is necessary to (a) protect the property and rights of CuraMind or a third party, (b) protect the safety of the public or any person, or (c) prevent or stop activity we may consider to be, or pose a risk of being, illegal, fraudulent, unethical or legally actionable activity."
f. Internal and Business Transfers
CuraMind may share information, including Personal Information, any current or future subsidiaries or affiliates, primarily for business and operational purposes, including activities such as IT management, for them to provide services to you, or support and supplement the Services we provide. We may sell, transfer, or otherwise share some or all of our assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets (including, in each case, as part of the due-diligence process with any potential acquiring entity) or in the event of bankruptcy.
g. Sweepstakes, Contests, and Promotions
We may offer sweepstakes, contests, and other promotions (any, a “Promotion”) that may require registration.
h. Non-Identifying Information and De-Identified Information
We may share aggregated Non-Identifying Information and we may otherwise disclose Non-Identifying Information (including, without limitation, Hashed Information) or De-Identified Information to third parties.
Categories of personal information we have shared in the preceding 12 months with third parties and whether is used for targeted advertising.
a. Identifiers - Yes
Shared with payment Processors, Security Companies, Analytics Companies, Other Merchants, Government Agencies (as required by law)
b. Contact Information - Yes
Shared with analytics Companies, Advertising Partners, Payment Processors, Other Merchants, CuraMind Users, Government Agencies (as required by law)
c. Commercial Information - No
Shared with payment Processors, Security Companies, Analytics Companies, Other Merchants, Government Agencies (as required by law)
d. Sensitive Personal Information / Government Issued Identification Numbers - No
Shared with identity Verification Companies, Security Companies, Other Merchants, CuraMind Users, Government Agencies (as required by law)
e. Financial Data/Payment Information - No
Payment Processors, Security Companies, Other Merchants, CuraMind Users, Government Agencies (as required by law)
f. Internet or Other Network or Device Activities Including Information from Cookies - Yes
Analytics Companies, Advertising Partners, Government Agencies (as required by law)
g. Approximate Geolocation Information - Yes
Analytics Companies, Advertising Partners, Government Agencies (as required by law)
h. Financial Data/Payment Information - No
Payment Processors, Security Companies, Other Merchants, CuraMind Users, Government Agencies (as required by law)
5. Your Choices and Rights
You may have certain choices and rights associated with your personal information, including opting out of targeted advertising or other disclosures to third parties. You or your authorized agent may request that CuraMind honour these rights by contacting us as outlined in the “Contact Us” section.
Non-Discrimination: You will not receive any discriminatory treatment by us for the exercise of your privacy rights.
Verifying Your Request: Only you or a person, that you authorize to act on your behalf, may make a request related to your personal information. In the case of access and deletion, your request must be verifiable before we can fulfill such request. Verifying your request will require you to provide sufficient information for us to reasonably verify that you are the person about whom we collected personal information or a person authorized to act on your behalf. We will only use the personal information that you have provided in a verifiable request in order to verify your request. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority. Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive or manifestly unfounded.
For Individuals Located in the European Economic Area (EEA), United Kingdom (UK) or Switzerland:
You have a number of rights under applicable data protection laws in relation to your personal information. Under certain circumstances, you have the right to:
- Have access to your personal information by submitting a request to us.
- Have your personal information deleted.
- Have your personal information corrected if it is wrong.
- Have the processing of your personal information restricted.
- Object to further processing of your personal information, including to object to marketing from us.
- Make a data portability request.
- Withdraw any consent you have provided to us.
- Restrict any automatic processing of your personal information.
- Complain to the appropriate Supervisory Authority.
To exercise any of these rights, please contact us as outlined in the “Contact Us” section below.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above, please contact us. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
6. Security
We take a number of steps to protect your data, but no security is guaranteed.
CuraMind takes reasonable steps to help protect and secure the information it collects and stores about CuraMind Users. We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information that we receive against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure or use.
7. Cross-Border Data Transfers
Because we are a U.K. company, we process and store your information in the United Kingdom and our service providers may process and store it elsewhere.
CuraMind may transfer your personal information to a third party or other company branch that is located in a jurisdiction other than the one from which we collected your personal information, including to countries that have not been deemed to have an adequate level of protection for the rights and freedoms of data subjects. If we do transfer your personal information to another jurisdiction, we will do so following due diligence and provided that the data recipient is subject to contractual agreements imposing obligations on it to ensure appropriate technical and organizational are implemented and maintained at all times to prevent the unauthorized and unlawful processing of personal information, and the accidental loss or destruction of, or damage to, personal information, consistent with our obligations under applicable data protection laws.
We will use appropriate legal transfer mechanisms, including Standard Contractual Clauses, where required by law. In addition, CuraMind is self-certified under UK GDPR and the Data Protection Act 2018 (DPA 2018), as described below. Personal information from EU and Swiss residents will be treated in accordance with the Data Privacy Framework Principles. To exercise any legal right to see copies of the data transfer mechanism documents that CuraMind uses to transfer data to third parties, please contact us.
8. Disclaimers
Our Service contains links to other websites. If you choose to click on a third-party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit Personal Information from you. We encourage you to read the privacy policies or statements of the other websites you visit.
9. Changes to this Policy
We may change this Privacy Policy. If we make substantial changes, we will provide notice.
This Privacy Policy is effective as of the date stated at the top of this page. CuraMind may update this Privacy Policy at any time and any changes will be effective upon posting. By accessing or using the Service after we notify you of such changes to this Privacy Policy, you are deemed to have accepted such changes. Please refer back to this Privacy Policy on a regular basis.
10. Contact Us
To request that CuraMind honour any of the rights described in this Policy please contact us as outlined below.
If you have any questions about this Privacy Policy, please contact us by email at info@curamind.uk by mail addressed to CuraMind, 145 Seymour Place, London W1H 4PA.