Privacy Policy

Privacy Policy of Know Thyself Psychology

At Know Thyself Psychology, owned and operated by Psy.KHilscher, we are committed to protecting and respecting your privacy. This policy explains how we collect, use, and store personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable laws.

1. Data Controller

The data controller responsible for your personal information is:

Psy.KHilscher
Svarvargatan 7
112 49 Stockholm /Sweden
psy.khilscher@gmail.com

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Contact Information: Name, email address, phone number, and postal address.

  • Session Notes and Assessments: Information gathered during therapy sessions, consultations, or assessments, which may include sensitive personal data related to your psychological health.

  • Appointment Information: Details related to appointments, including date and time.

  • Website Usage Data: Information on your use of our website, including cookies and IP addresses.

  • Billing Information: If necessary for invoicing and payment purposes.

3. How We Collect Data

We collect your personal data in the following ways:

  • Directly from you, when you fill out forms on our website, schedule appointments, or during consultations.

  • The information is continuously entered into a medical records system during the treatment period. The information is also intended to be a source of information for you as a patient. The legal basis for processing your personal data is that healthcare is considered a task of public interest, meaning an activity fundamental to the functioning of society. Licensed psychologists are also legally required to document care through record-keeping (according to the Patient Data Act, among others). The operations are supervised by the Health and Social Care Inspectorate, and in the event of their inspection, patient data serves an important function.

    4. How We Use Your Personal Data

    We may use your data for the following purposes:

    • Provision of Services: To provide you with psychological consultation and therapy services.

    • Communication: To contact you regarding appointments, send reminders, or answer your inquiries.

    • Billing: To process payments and manage invoices.

    • Legal Obligations: To comply with legal obligations, such as retaining records for tax or regulatory purposes.

    5. Legal Basis for Processing

    We process your data based on the following lawful grounds:

    • Performance of a Contract: To provide psychological services to you.

    • Legitimate Interests: To manage and improve our business and services.

    • Legal Obligations: To comply with regulations such as data retention laws.

    • Consent: For any optional services, such as newsletters, your explicit consent will be obtained.

    6. Data Retention

    We will retain your personal data only as long as necessary to fulfill the purposes outlined in this policy, or as required by law. Typically, sensitive data related to therapy sessions will be retained for a minimum of 10 years in line with local regulations or professional guidelines.

    7. Data Sharing and Security

    We take the security of your personal data seriously and have implemented appropriate technical and organizational measures to protect your data from unauthorized access or misuse.

    We do not sell, trade, or share your personal information with third parties unless:

    • With Your Consent: If necessary for providing services or with your explicit consent.

    • Legal Requirements: When required by law or court orders.

    • Service Providers: With trusted third-party service providers that assist in our business operations (e.g., payment processors or IT services), under strict confidentiality agreements.

    8. Your Rights Under GDPR

    As an individual, you have the following rights regarding your personal data under GDPR:

    • Access: You can request a copy of the personal data we hold about you.

    • Rectification: You can ask us to correct inaccurate or incomplete data.

    • Erasure (Right to be Forgotten): You can request that we delete your personal data where it is no longer necessary for the purposes for which it was collected.

    • Restriction of Processing: You can request the restriction of your personal data processing under certain conditions.

    • Data Portability: You have the right to obtain and reuse your personal data for your own purposes across different services.

    • Objection: You can object to processing based on legitimate interests or direct marketing.

    To exercise any of these rights, please contact us at psy.khilscher@gmail.com.

    9. Cookies

    Our website may use cookies to enhance your browsing experience.

    10. Data Breach

    In the unlikely event of a data breach, we will notify affected individuals and the relevant authorities within 72 hours, as required by the GDPR.

    11. Changes to This Policy

    We may update this privacy policy from time to time. Any changes will be posted on this page, and we encourage you to review it periodically.