Privacy Policy

Last updated: 22 April 2026

1. Introduction

FEEL HEARD LTD respects your privacy and is committed to handling personal data lawfully, fairly, and transparently.

This Privacy Policy explains how FEEL HEARD LTD collects, uses, stores, shares, and protects personal data when you visit https://feelheard.co/, contact us, make a booking, pay for a session, take part in a listening session, or otherwise interact with us.

For the purposes of applicable data protection law, FEEL HEARD LTD is the data controller of the personal data described in this Privacy Policy.

2. Who We Are

FEEL HEARD LTD is a company registered in England and Wales under company number 17145719.

Company: FEEL HEARD LTD.
Company number: 17145719 (registered in England and Wales).
Website: https://feelheard.co/.
Email: info@feelheard.co.

Our registered office address is publicly available on the Companies House register at https://find-and-update.company-information.service.gov.uk/.

Articles 13 and 14 of the UK GDPR require controllers to provide individuals with clear privacy information about how their personal data is used. ICO guidance describes that obligation as part of the right to be informed. 

3. Scope of This Policy

This Privacy Policy applies to personal data we process in connection with:

  • Website visits: Your browsing and interaction with our website.
  • Enquiries: Messages, emails, and other communications you send to us.
  • Bookings: Session reservations, account or form submissions, and related administration.
  • Payments: Payment and transaction processing connected with our services.
  • Session delivery: The provision of one-to-one listening sessions.
  • Service improvement: Internal administration, analytics, record-keeping, support, compliance, and business protection activities.

Feel Heard provides a non-clinical listening service. We do not provide therapy, counselling, medical treatment, diagnosis, or crisis intervention. Even so, personal data shared with us may sometimes include sensitive information, depending on what you choose to disclose.

Although Feel Heard treats information shared during sessions as confidential, that confidentiality is not absolute. We may need to use or disclose session-related information where required by law, where necessary to comply with a court order or regulatory request, where a safeguarding concern arises involving a serious risk of harm to any person, or where disclosure is reasonably required for complaint handling, dispute resolution, or the protection of our legal rights. Further detail about when and with whom personal data may be shared is set out in Section 11 of this Privacy Policy.

4. Data Protection Framework

We process personal data in accordance with applicable law, including the UK GDPR, the Data Protection Act 2018, and, where relevant to cookies and similar technologies, the Privacy and Electronic Communications Regulations 2003, commonly referred to as PECR. The Data Protection Act 2018 is the principal UK statute supplementing the data protection framework, and ICO guidance confirms that PECR governs cookies and similar technologies used on websites and devices. 

Where we offer services to people in the European Economic Area, or otherwise fall within the territorial scope of EU data protection rules, we will also process personal data in a manner intended to remain consistent with the core transparency, fairness, and lawful processing requirements that apply in that context.

5. The Personal Data We Collect

The personal data we collect depends on how you interact with us.

Information you provide directly

We may collect the following categories of personal data when you contact us, make a booking, complete a form, or use our services:

  • Identity data: Your name and, where relevant, any display name you choose to use.
  • Contact data: Your email address, telephone number, billing address, and any other contact information you provide.
  • Booking data: Session date, time, communication preferences, booking status, and service selections.
  • Payment data: Transaction information connected with your purchase, although full card details are typically processed by the relevant third-party payment provider rather than stored by us directly. At the date of this Privacy Policy, payment processing is handled through HubSpot. You can review their privacy practices at https://legal.hubspot.com/privacy-policy. If we change or add payment providers in the future, we will update this Privacy Policy accordingly.
  • Communication data: The contents of emails, messages, support requests, and other communications you send to us.
  • Session-related data: Notes, operational records, scheduling history, or other information reasonably required to deliver and administer the service.

Information collected automatically

When you visit our website, we may automatically collect certain technical and usage information, such as:

  • Device data: Device type, operating system, browser type, and general technical configuration.
  • Usage data: Pages viewed, dates and times of visits, navigation paths, and interaction data.
  • Log data: IP address, approximate location derived from IP, referral source, and system activity logs.
  • Cookie and similar technology data: Information collected through cookies, tags, pixels, scripts, or similar technologies, subject to the choices you make through our consent mechanism.

ICO guidance states that PECR applies not only to cookies, but also to other storage and access technologies, including pixels, scripts, tags, web storage, and similar tools placed on or accessing a user’s device. 

Potentially sensitive information

Although Feel Heard is not a clinical service, you may choose to share information during enquiries or sessions that relates to your health, emotional wellbeing, relationships, beliefs, or other private matters. Some of that information may amount to special category data under data protection law, particularly where it concerns health, sexual orientation, religious beliefs, or similar sensitive matters. ICO guidance confirms that data concerning health and certain other protected categories receive additional legal protection. 

We do not invite users to provide more personal information than is reasonably necessary, and we ask that you do not disclose personal data about other people unless you have a lawful basis for doing so.

6. How We Use Personal Data

We use personal data only where we have a lawful basis and a legitimate reason to do so. Depending on the context, we may use personal data for the following purposes:

  • To provide services: To process bookings, deliver listening sessions, manage scheduling, and communicate about appointments.
  • To administer payments: To confirm purchases, maintain transaction records, and handle refunds or payment-related issues.
  • To respond to enquiries: To reply to messages, support requests, and service-related communications.
  • To manage the website: To maintain website functionality, security, stability, and performance.
  • To improve our services: To review usage trends, improve user experience, develop systems, and manage internal operations.
  • To protect the business: To investigate misuse, enforce our legal terms, manage complaints, and establish, exercise, or defend legal claims.
  • To comply with legal obligations: To meet duties imposed by tax, accounting, consumer, regulatory, or data protection law.
  • To send direct marketing, where permitted: To send updates or promotional communications where we have consent or another lawful basis that applies under the rules governing electronic marketing.

Under the UK GDPR, every processing activity must have a lawful basis. ICO guidance identifies lawful bases including contract, consent, legal obligation, and legitimate interests, and explains that legitimate interests can be used only where the interests of the organisation are not overridden by the rights and freedoms of the individual. 

7. Our Lawful Bases for Processing

Depending on the specific activity, we rely on one or more of the following lawful bases:

  • Contract: Where processing is necessary to take steps at your request before entering into a contract, or to perform our contract with you, including managing bookings and delivering paid sessions.
  • Legitimate interests: Where processing is reasonably necessary for the running, administration, security, support, and improvement of our business and services, provided those interests are not overridden by your rights.
  • Legal obligation: Where processing is necessary to comply with laws or regulatory duties, including financial record-keeping, consumer obligations, and lawful requests from competent authorities.
  • Consent: Where consent is required or is the most appropriate basis, including certain categories of cookies, certain marketing communications, and some forms of recording or transcription where consent is relied upon.
  • Legal claims: Where processing is necessary to establish, exercise, or defend legal claims.

Where special category data is processed, we will identify both an Article 6 lawful basis and an additional Article 9 condition. ICO guidance explains that special category data cannot be processed merely by selecting an ordinary lawful basis; an additional condition, such as explicit consent or another permitted ground, is also required. 

8. Session Recordings, Transcripts, and Monitoring

Feel Heard records listening sessions for purposes including listener training, quality assurance, internal compliance review, complaint handling, safety monitoring, and general service improvement. Operational records relating to bookings, scheduling, and communications are also maintained as part of ordinary service administration.

Our recording and monitoring capabilities may develop over time to incorporate additional features such as automated transcription, structured quality scoring, or other review methods. Where any new capability is introduced, it will be implemented in accordance with the safeguards described below.

Before any session in which recording or transcription takes place, we will provide appropriate notice. Where consent is required under the applicable data protection framework, or where we choose to rely on consent as the lawful basis, we will request that consent clearly before recording begins.

Where recording or transcription involves sensitive content, we will process that data only where a valid legal basis and any required additional condition are in place. Consent under the UK GDPR must be freely given, specific, informed, and unambiguous, and PECR consent standards adopt that same data protection meaning where consent is required for device-based technologies.

9. Cookies, Analytics, and Similar Technologies

We use cookies and similar technologies on our website for essential site functions and, where permitted, for analytics, performance measurement, and related purposes.

Some cookies are strictly necessary for the operation, security, or basic functionality of the website. Other tools, including analytics and similar tracking technologies, may only be placed or activated after valid consent where the law requires that consent.

ICO guidance states that users must be told what cookies and similar technologies do and why they are used, and that non-essential cookies should not be set before the user has given valid consent by a clear affirmative action. ICO guidance also notes that continuing to browse a website is not, by itself, valid consent.

You can manage your preferences through our cookie banner or consent tool, and you can also adjust browser settings, although browser controls may not always prevent all technologies from operating.

Further details about the specific categories of cookies and similar technologies we use should be read together with our Cookie Policy.

10. Marketing Communications

We may send you service-related communications where necessary to manage your booking or account-related interaction with us.

We may also send marketing communications where:

  • Consent applies: You have actively chosen to receive them.
  • Another lawful route applies: We are permitted to do so under applicable electronic marketing rules and you have not opted out.

You can unsubscribe from marketing communications at any time by using the unsubscribe link, where available, or by contacting us at info@feelheard.co.

11. Sharing Personal Data

We do not sell your personal data.

We may share personal data only where reasonably necessary and lawful, including with:

  • Service providers: Providers of website hosting, forms, analytics, communications, scheduling, or payment services.
  • Professional advisers: Lawyers, accountants, insurers, auditors, or other advisers where needed for legitimate business purposes.
  • Regulators and authorities: Courts, regulators, law enforcement bodies, or other authorities where disclosure is required by law or is necessary to protect legal rights.
  • Business transfers: A prospective purchaser, investor, or successor entity if our business structure changes, provided appropriate confidentiality measures are in place.

Third-party providers are expected to process personal data only on documented instructions where they act as processors, and only to the extent necessary for the relevant service.

12. International Transfers

Some of our service providers may process personal data outside the United Kingdom. Where that happens, we will take reasonable steps to ensure that personal data remains protected by appropriate safeguards.

ICO guidance on international transfers explains that organisations must assess whether they are making a restricted transfer and, where required, use an approved transfer mechanism or other lawful safeguard. That framework may include adequacy regulations, the UK International Data Transfer Agreement, or other recognised safeguards, depending on the circumstances. 

13. Data Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including service delivery, record-keeping, legal compliance, complaint handling, fraud prevention, and legal protection.

Retention periods may vary depending on the type of information involved. In broad terms:

  • Enquiry data: We keep enquiry and correspondence records for as long as necessary to respond and manage follow-up issues.
  • Booking and transaction data: We keep booking, billing, and transaction records for as long as required for contractual, accounting, tax, and legal purposes.
  • Session-related records: We keep session administration records only for as long as reasonably required for the relevant operational, quality, complaint-handling, or legal purpose.
  • Cookie and analytics data: We retain that information in line with the settings of the relevant tools and our internal retention practices.

Once personal data is no longer required, we will delete, anonymise, or securely restrict it, unless continued retention is required by law.

14. Security

We take reasonable technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or unauthorised access.

No online system, however, can be guaranteed to be completely secure. For that reason, while we take reasonable care to protect data, we cannot promise absolute security.

15. Children

Feel Heard is intended only for individuals aged 18 years or over. We do not knowingly offer services to children, and we do not knowingly collect personal data from anyone under 18 in connection with the service.

If we become aware that personal data relating to a person under 18 has been collected inappropriately, we may delete that information and take steps reasonably necessary to prevent further use of the service.

16. Your Rights

Depending on the circumstances and the law that applies to you, you may have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Ask us to correct inaccurate or incomplete personal data.
  • Erasure: Ask us to delete personal data in certain circumstances.
  • Restriction: Ask us to limit the way we use your personal data in certain situations.
  • Objection: Object to processing based on legitimate interests in certain circumstances.
  • Data portability: Receive certain personal data in a structured, commonly used, machine-readable format.
  • Withdraw consent: Withdraw consent at any time where we rely on consent, without affecting the lawfulness of earlier processing.
  • Complaint: Complain to the relevant supervisory authority if you believe your data has been handled unlawfully.

ICO guidance states that privacy information should explain individuals’ rights and how they may exercise them. The ICO also explains that people are generally expected to raise their concern with the organisation first and allow up to one month for a response before escalating a complaint.

To exercise your rights, please contact us at info@feelheard.co.

17. Complaints

If you have concerns about how we handle personal data, please contact us first so that we can review the issue.

If you are not satisfied with our response, you may have the right to complain to the Information Commissioner’s Office in the United Kingdom. Information about that process is available at https://ico.org.uk/. ICO public guidance explains that complaints are ordinarily considered after the organisation has had an opportunity to respond. 

If you are located in the European Economic Area, you may also have the right to complain to the supervisory authority in your country or place of habitual residence, where applicable.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, guidance, technology, our service model, or our operational practices.

The most recent version will always be posted on our website with the revised date shown at the top. You should review this page periodically to remain informed about how we handle personal data.

19. Contact

If you have questions about this Privacy Policy or about the way your personal data is handled, please contact:

FEEL HEARD LTD
Email: info@feelheard.co
Website: https://feelheard.co/.

Our registered office address is publicly available on the Companies House register at https://find-and-update.company-information.service.gov.uk/.

Scroll to Top