Bright Eye, and all therapists, are obliged to comply with the new General Data Protection Regulation (GDPR), and to follow its recommendations for storing sensitive data, ensuring that safeguards are in place to keep this data secure, private and confidential.

Total confidentiality of material shared within sessions or via email will be maintained, subject only to the following exceptions:

  • Disclosures where the therapist believes serious harm may befall a child.
  • Disclosures that would leave the therapist liable to criminal court procedure if not disclosed (eg. threats of terrorism).
  • If you disclose that you are planning to take your own life (not simply thinking about it)

Action would only be taken with your prior knowledge and only to people who absolutely needed to know (e.g. your GP).

As an essential aspect of professional practice, all therapists receive supervision about their work, however no identifying details will ever be shared about you.

To use the service you will need to share your name, email address and card details with Stripe, our payment handler [the payee name on your statement will say BrightEye]. Your name, email address, the content of your email communications, and the contents of our initial contact form, will normally be stored for one year after your contact with us.
However, you may request that all data held about you is deleted, if you prefer (please email us at if so).

You have a right to complain to the ICO if you think your data has been mishandled.