Close this search box.

Privacy Policy & Terms of Service

General Data Protection Regulation (GDPR)

Statement of Intent

This policy sets out how  Elevated Therapy International uses and protects the information you provide when using therapy, coaching and training services in-person, online and by telephone and accessing the website(s).
I intend to ensure any data you provide is kept secure, managed respectfully and only used for the purposes for which it has been provided.
This policy will be updated periodically in line with current legislation.
When you contact me via the website, phone or email I will collect your:
Email Address:

Telephone Number:

Also any information you choose to supply regarding the purpose of your enquiry or therapy session(s). I rely on client consent for handling and processing personal data under ‘special categories of personal data’ for health details.

Elevated Therapy may change this policy, and Terms of Service from time to time by updating this page, and connected information.
All clients in-person, online and by telephone should check this page from time to time to ensure that they are happy with any changes.
This policy is effective from 5th May 2018.

People who have been to see me [in-person sessions] will have signed a summerised version of this Privacy Policy, and are made aware they should read and are invited to take home the printed full-version of the current policy if they so wish any time from the coffee-table.
Telephone and online clients will have been made aware, read and agreed this Privacy Policy, and Terms of Service digitally. 


How is this information used?

I use this information in order to make contact with you to discuss your requirements.
I may also use this information so that I may improve my services.
Possibly, I may use your information to contact you to give a review or testimonial for the work we have undertaken together.
I may contact you by email or phone regarding this.
If you choose to proceed with making an appointment to see me either in-person, online or by telephone, I will remind you of this Privacy Policy so that you are aware how I will use information provided in the course of our sessions together.
I will ask you for your GP contact details and some basic health information: there are some conditions that are contra indicated for hypnotherapy, and therapy generally and sometimes there are circumstances such as particular medications you are taking where it may be necessary to contact or write, and liaise with your GP or health provider(s) before commencing therapy particularly hypnotherapy.
I will inform you of this at our appointment should this appear appropriate, and will only do this with your agreement.
I may ask you for details of your next of kin: this is used very rarely and only in emergency situations.
You do not have to consent to the collection of information, however, if you choose not to provide it, I may have difficulty in fully helping you.

In the course of our sessions

I will confirm your email address as it may also be necessary to send emails to confirm or rearrange appointments or send you information or forms to complete to bring back to me. My email has a powerful antivirus software inbuilt into the platform and all emails are encrypted in transit and I also use Email Guardian from Avast as well which scans for threats in my incoming email messages. 

I will make a note of information you provide me in order that we can plan bespoke therapy sessions and identify/produce interventions which will be used in session and/or which may be sent to you to listen (hypnotherapy) to between sessions.

I am fully compliant with the PCI DSS, and have an Information Security Policy in place for my practice. The ISP is reviewed and updated at least annually. For the purposes of clarity, I do not receive or retain your bank or card details.
I also use Sysnet Protect, a leading compliance and data security manager application.

In order to safeguard you and the people around you, if you were to disclose that you were going to carry out harm to yourself or someone else, then under my “Duty of Care” I am obligated by law to inform the relevant authorities. I would always aim to discuss this with you prior to contacting anyone.

If I was issued with a police warrant or court order for information about you, by law I would also have to provide them with the information.

Under the General Data Protection Regulations which are effective from May 2018 you have the following rights:

the right to be informed: (which is why I have produced this policy)

the right of access: if you wish to see your file then please make a request in writing to me, Michael, the Data Processor. I will provide you with the information within 30 days of your request.

the right to rectification: this is your right to request changes to any information I hold that is factually inaccurate. If you believe any of the information I hold on you is incorrect then please let me know as soon as possible and I will make the relevant changes.

the right to erasure: given the nature of our work – I am required to hold your details for a period of 8 years, from the date of your last visit or, if the client is a child, until his or her 25th birthday, or 26th birthday if the client was 17 when the treatment ended.
Afterwards, information will be securely destroyed.

the right to restrict processing: I will only use the information for the purposes that I have stated above. I uphold the common law principles of confidentiality where the duty to keep confidence is measured against the concept of ‘greater good’. If in my opinion as a therapist there is good reason to believe not to disclose would cause danger or serious harm to self, the therapist or others then your GP or other appropriate agencies may be contacted. Only information required to ensure safety of relevant parties would be disclosed.
Information may have to be disclosed without consent for the prevention, detection or prosecution of a crime.
The sharing of anonymous case histories with supervisors and peer support groups is not a breach of professional confidentiality.

the right to data portability: this right is more relevant to IT companies e.g. the sharing of information when moving from one utility provider to another. I will not share your information without your specific consent, other than in the situations described above.

the right to object: I will not contact you for marketing purposes unless you have given me specific consent to do so.

the right not to be subject to automated decision-making including profiling: I will not use your information for profiling purposes.



I am committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, I have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information I hold. I also have CCTV both outside and inside the premises for the explicit purposes of crime prevention and public safety. This information is secure and where necessary, encrypted. Access is restricted, and images are only retained for a short period of time.

  • Hardcopy documents
    Are all stored in a locked cabinet in a locked, and secure private building. I do not store electronic documents or session notes, or your contact details on a computer with personal or sensitive information. Everything is held as hardcopy.
  • Emails
    My email account requires a user name and password and has a powerful antivirus software inbuilt into the platform and all emails are encrypted in transit. I will only ever send  an email to you with personal or sensitive information with your informed and explicit consent and will always give you the option of picking it up from me personally or posting it to you. All emails held by me are kept on a password protected computer running Avast Premium Security which has a Sensitive Data Shield and delivers a complete security solution.
    Your emails will be deleted when the content is no longer needed, i.e. has been acted upon or therapy has ended.
  • Mobile phone and texts
    I do not use a Mobile / Cell phone or use texts in the course of my work.


Social media

Elevated Therapy has social media accounts, should you wish to participate with these accounts and posts therein, your participation will be visible to the public.



Cookies are small files which ask your permission to be placed on your computer’s hard drive so that it can analyse web traffic to my website(s). Through this I can see which of my website’s pages are being viewed. Most web browsers automatically accept cookies but you can modify your setting to decline them if you prefer. If you choose to do this, you may find that you cannot make full use of my website(s).

Links to other websites from the Elevated Therapy network

My website(s) may contain links to other websites of interest, and may include embedded content (e.g. videos from YouTube etc.).
However, once you use these links please be aware that you have left the Elevated Therapy website network and I do not have any control over other websites. I cannot be held responsible for the protection and privacy of any information which you provide when visiting such sites and these sites are not governed by my privacy policy. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. Please exercise caution and look at the privacy statement applicable to the website you are visiting.



Dr. Michael Millett
Elevated Therapy International
Data Processing
“Tipperary House”
21 Dudley Road
NG31 9AA
Tel: 0333 121 0788 / 01476 568800

Registered with the ICO (Information Commissioners Office). Ref: ZA358064

Please also have a read through further information linked into this Privacy Policy
error: All Elevated Therapy content is copyright protected !!