top of page

GDPR 

In addition to our general Terms and Conditions, ADHD Help adheres to the following principles and practices in compliance with the General Data Protection Regulation (GDPR):

1. Data Controller:

ADHD Help, located at The Old Manor House, 1 Walting St West, Fosters Booth, Towcester, NN12 8LD, and at hello@adhdhelp.co.uk, is the data controller responsible for the personal data we collect and process in relation to our Services.

 

2. Lawful Basis for Processing:

We will only process your personal data when we have a lawful basis to do so. This may include:  

  • Consent: Where you have given us explicit consent to process your personal data for a specific purpose (e.g., for marketing communications). You have the right to withdraw your consent at any time.

  • Contract: Where processing is necessary for the performance of a contract with you (e.g., to provide the diagnostic assessment services).

  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.

  • Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided your interests and fundamental rights do not override those interests. Our legitimate interests include the provision and improvement of our Services, research, and internal administrative purposes.  
     

3. Data Collection and Purpose:

We collect personal data that is necessary for the provision of our diagnostic assessment services for ADHD and ASD. This may include:

  • Identity Data: Your name, date of birth, contact details (address, email address, phone number).

  • Medical Data: Information about your medical history, symptoms, previous diagnoses, and other health-related information relevant to the assessment. This is considered special category data and will be processed with your explicit consent or under the provision of healthcare by a healthcare professional.

  • Assessment Data: Information gathered during consultations, interviews, and diagnostic evaluations.

  • Payment Data: Information necessary for processing payments.

  • Communication Data: Records of our correspondence with you.
     

We process this data for the following purposes:

  • To schedule and conduct diagnostic assessments for ADHD and ASD.

  • To communicate with you regarding your appointments and the assessment process.

  • To prepare and provide you with the diagnostic report.

  • To maintain accurate records of the services provided.

  • For internal administrative and quality assurance purposes.

  • To comply with legal and regulatory obligations.
     

4. Data Retention Period:

We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Specifically, we will retain your personal data for a period of 24 months following the completion of your assessment or our last interaction with you, unless a longer retention period is required or permitted by law. After this period, your personal data will be securely deleted or anonymized.  
 

5. Your Rights under GDPR:

Under the GDPR, you have several rights regarding your personal data, including:

  • The right to access: You have the right to request a copy of the personal data we hold about you.

  • The right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.  

  • The right to erasure (the "right to be forgotten"): You have the right to request that we delete your personal data in certain circumstances.  

  • The right to restriction of processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.  

  • The right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.  

  • The right to object: You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.  

  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.  
     

To exercise any of these rights, please contact us using the contact information provided in our general Terms and Conditions. We will respond to your request without undue delay and in accordance with GDPR requirements.  
 

6. Data Security:

We have implemented appropriate technical and organisational measures to ensure the security of your personal data and to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. 
 

7. Data Sharing:

We will only share your personal data with third parties where it is necessary for the provision of our Services or where we are legally required to do so. This may include:

  • Healthcare professionals involved in your assessment.

  • Payment processors.

  • IT service providers who assist us with data storage and processing.

  • Regulatory bodies or law enforcement agencies when required by law.
     

We will ensure that any third parties we share your data with are also compliant with GDPR and have appropriate data protection measures in place.
 

8. International Data Transfers:

We will only transfer your personal data outside the European Economic Area (EEA) if there are adequate safeguards in place to ensure the security of your data and your rights are protected, in accordance with GDPR requirements.
 

9. Complaints:

If you have any concerns about how we process your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. Their contact details can be found on their website (www.ico.org.uk). We would, however, appreciate the opportunity to address your concerns in the first instance, so please contact us directly.  
 

10. Updates to these GDPR Terms:

We may update these GDPR Terms from time to time to reflect changes in our data processing practices or legal requirements. We will notify you of any significant changes.  
 

By using our Services, you acknowledge that you have read and understood these GDPR Terms and consent to the processing of your personal data as described herein.

bottom of page