top of page

Privacy Policy

Privacy Policy

Last updated: 26th January, 2025

​

1. Introduction

Welcome to Zoë's Occupational Therapy Online. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you use our Service. We are committed to safeguarding your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) in Europe, the UK Data Protection Act, and various state and federal laws in the USA, such as the California Consumer Privacy Act (CCPA) and Health Insurance Portability and Accountability Act (HIPAA). Given the nature of our work with parents and children, we handle sensitive information with the utmost care and confidentiality.

 

In a nutshell: Your data is yours, and I won't share your information with colleagues or other professionals you or I are working with without your permission. Small data segments, like your name, address, and child's name, need to be shared with my team for billing and invoices, but we take care to share only essential data and not share information from our therapy sessions or parent sessions. When communicating with a teacher or school counsellor, I'll only discuss relevant and necessary information, which may include diagnoses and presentation but not personal addresses or other family information you've shared with me. Data protection means sharing only what is necessary, with care and keeping you informed and in charge of what is shared, who with and how it is shared. 

​

2. Data Controller

Zoe Brewer serves as the data controller for your personal data. For any questions regarding this Privacy Policy or our data practices, please contact us at:

 

3. Personal Data We Collect

Due to the personalised nature of our services, we collect the following types of personal data:

  • Contact information (e.g., name, email address, home address, your child's name/age, school, teacher, grade level)

  • Comprehensive personal, medical, and educational information (including birth history, medical records, diagnostic and therapeutic history, educational experiences encompassing engagement, academic performance, and social-emotional presentations)

  • Home life data relevant to the child's development and therapy needs

  • Usage data (e.g., how you interact with our Service)

  • Device information (e.g., IP address, browser type)

  • Cookies and similar technologies

 

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To provide personalised Occupational Therapy services

  • To maintain and improve our Service

  • To communicate with you about your child's progress and our Service

  • To develop tailored therapy plans and strategies

  • To comply with legal and professional obligations across Europe, UK, and USA

  • We use Wix.com to run our website. Your information is stored safely on Wix.com's secure servers. When you make payments, they're processed through secure payment systems that follow strict security standards (PCI-DSS) used by major credit card companies. This information is stored on wix so that we can:

    • Help you if you have questions or technical issues

    • Keep you updated about important service updates and offers

    • Learn how to improve our services through general statistics

​We might reach out to you about your account, help with problems, settle disputes, collect payments, ask for feedback, or share company updates. We'll use email, phone, text, or regular mail to do this.

 

5. Communication of Your / Your Child's Personal Data

When providing a service for you and your child we may need to share data and information which is why you are asked to sign a waiver giving me permission to communicate with appropriate individuals (e.g. school, psychiatrist or other relevant practitioners working with your child) and a Data Protection document which explains how your data is stored. 

You have the right to know what information is shared in either direction and I need your permission to be able to communicate with those people. Educational establishments are also bound by these rules and you have the right to limit this. (Link for more information: American Family Educational Rights and Privacy Act (FERPA) - https://studentprivacy.ed.gov/faq/what-ferpa).

​

Of course you may decline to give permission. Depending on the situation and the nature of my role this document may not be necessary but in other cases it could limit the effectiveness of therapy. 

​

In any case communication is limited to the necessary individuals and topics to support effective therapy provision. Shared information will be on topics relevant to aiding understanding, clinical evaluation, assessment, and treatment efficacy. The following guidelines explain how we communicate your information:

​

  • Communicating history: For optimal support, it is best when relevant adults supporting your child are fully informed about the child's diagnosis and factors impacting current performance. This may include trauma (medical, physical, sexual, emotional, etc.), adoption history, moving history, or other life experiences that affected their development. These are important pieces of information for me to understand. I value your trust in sharing these personal and often difficult stories. Understanding these details helps me grasp factors that may have impacted development and when disruptions occurred, allowing me to offer better, more informed therapy. However, these greater details don't need to be shared with other adults working with your child — certainly not by me. If you choose to share with other adults, that's your decision. From my side, while communicating with relevant colleagues who also work with your child I would offer a "summary," such as "birth trauma," "family challenges at 2 years of age," or "medical challenges at 4 years of age." This is typically sufficient and relevant to share with a teacher, enabling them to adjust their approach and be more inclined to follow recommended techniques.

  • Communicating ongoing progress: I need to communicate basic history, diagnoses, baseline performance, and progress with teachers or educational support staff when relevant. This enables a thorough understanding of the situation, insight into your child’s presentation on any given day, in different situations and allows therapy to support classroom goals and vice versa. If you don't want me to discuss our therapy work or your child's progress with their teacher, please make this clear in writing. I want to understand these concerns/tensions, as they are part of your child's daily environment. I recognise that some teachers may not be as supportive as one might hope, but I need clarity on your boundaries and expectations, or any particular individuals you would like me to limit communication with. This helps us avoid offence, disappointment, or data sharing that would make you or your child uncomfortable.

  • Communicating diagnoses with other relevant adults: If I have been asked to work with a child in school or collaborate with other professionals working with your child it is reasonable for me to assume that you will have shared any relevant diagnoses with them already. If you prefer that I do not share specific details or any specific diagnosis with school staff or any other professional in your child's support team, please inform me in writing.

  • Communicating diagnoses with the child: Please inform me in writing if you do not wish your child to know about a diagnosis.

 

6. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds, in accordance with applicable laws in Europe, UK, and USA:

  • Your explicit consent, especially for sensitive data related to health and development

  • Performance of our service contract

  • Our legitimate interests in providing effective Occupational Therapy

  • Compliance with legal and professional obligations

 

7. Data Retention, Cookies and Tracking

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law or professional standards in Europe, UK, or USA.

​

We use tools like cookies to track how you use our Wix website. We'll always be clear about what information we collect and why. Some features on our site (like Google Analytics) have their own tracking systems and privacy policies.

 

8. Your Rights

Depending on your location, you have certain rights regarding your personal data. These may include:

  • Right to access your personal data

  • Right to rectification of inaccurate data

  • Right to erasure ("right to be forgotten")

  • Right to restrict processing

  • Right to data portability

  • Right to object to processing

  • Right to withdraw consent

To exercise these rights, please contact us using the information provided in Section 2. Note that these rights may vary depending on your location and applicable laws but on the whole if you want us to stop using your data or need to change any information we have about you, just email us at zoeOTonline@gmail.com or zoeebrewer@gmail.com. I don't want you to ever feel uncomfortable about your data (felt-safety is important to all of us) so I will try to fix it asap. 

 

9. Data Security

We implement robust technical and organizational measures to protect your personal data, especially sensitive information about children and families, against unauthorized access, unlawful processing, accidental loss, destruction, or damage. Our security measures comply with standards set by GDPR, UK Data Protection Act, and relevant US regulations.

 

10. International Data Transfers

If we transfer your personal data outside your country of residence, we ensure appropriate safeguards are in place to protect your data. This includes using Standard Contractual Clauses approved by the European Commission for transfers from the EEA, and complying with additional requirements for transfers to and from the UK and USA.

 

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

 

12. Complaints

If you have any concerns about our privacy practices, please contact me first (zoeOTonline@gmail.com OR zoeebrewer@gmail.com).

 

You also have the right to lodge a complaint with your local data protection authority.

 

Professional liability or incompetence complaints should be directed to the Royal College of Occupational Therapy, as my insurance is based in the UK. However, I sincerely hope that if you have any grievances, we can address them through open communication before such measures become necessary. I'm always eager to learn and grow, so if you've been offended by my conduct in any way, I welcome your feedback in whatever form you're comfortable providing it.

​​​

bottom of page