Security isn’t a feature. It’s the foundation.
As a therapist, you hold some of the most sensitive information that exists. Your clients trust you with things they haven’t told anyone else. That trust extends to how their data is stored - and it extends to the tools you use to run your practice.
Counselling Buddy was built with this responsibility at its core. Every architectural decision - how data is stored, how it’s encrypted, where it’s hosted, how it’s deleted - was made with your professional obligations and your clients’ confidentiality in mind.
You are the data controller. Always.
Under UK GDPR, the data controller is responsible for determining how and why personal data is processed. As a therapist, that’s you - not us.
Counselling Buddy acts as your data processor: we store and handle client data only on your instruction, under a formal Data Processing Agreement. We don’t analyse your clients’ data, use it for advertising, or share it with third parties. It exists solely to help you run your practice.
When a client leaves your practice and you delete their records, the data is gone. Permanently. With an audit trail confirming the deletion.
How data is protected across the platform
Security isn’t applied on top of features - it’s built into each one:
- Session Notes - encrypted with AES using per-user key derivation; no plain-text client identifiers stored
- Client Profiles - access-controlled and audit-logged; cascading delete on removal
- Documents - encrypted at upload; TLS-protected on download
- Payments - processed via Stripe; card data never touches Counselling Buddy’s servers
- Calendar Sync - Privacy Mode prevents client names appearing in Google Calendar
- Email & SMS - minimal personal data in notification content by design
Aligned with your professional standards
Counselling Buddy was designed with the BACP Ethical Framework and ICO guidance in mind. We’re not a generic SaaS product that happens to be used by therapists - this platform was built specifically for UK private practice, where professional obligations around confidentiality and record-keeping are real and serious.
- Secure record-keeping that supports your professional accountability
- Data retention controls so you can meet your obligations when clients leave
- GDPR documentation available from your account settings
- UK-based hosting for data residency assurance - no US cloud providers
Common questions
Do I need to register with the ICO separately?
Yes - if you process personal data as a data controller (which you do as a private practice therapist), you need your own ICO registration. Counselling Buddy doesn’t change this obligation, but it does make it easier to demonstrate compliance.
What happens to client data if I cancel my account?
You can export your data before cancelling. After account closure, all data is deleted from our systems within 30 days, with written confirmation available on request.
Is there a Data Processing Agreement?
Yes. A formal DPA is available from your account settings, covering our obligations as your data processor under UK GDPR Article 28.
Getting started
Security requires no configuration - it’s active from the moment you create your account:
- Sign up and verify your email - your account is encrypted from first login
- Add clients and notes - encryption happens automatically in the background
- Review your GDPR documentation from Settings → Security at any time