Legal

Privacy Policy

Last updated: March 2026

Practeese is a practice management service registered in England and Wales. We are committed to protecting the privacy of practitioners and the patients they serve. This policy explains what data we collect, why, and how we protect it.

What we collect

When you sign up as a practitioner we collect:

  • Your name, email address, and professional details (speciality, registration number)
  • Practice information (name, address, phone)
  • Billing information processed securely via Stripe

When you add patients to the platform, their personal data is stored on your behalf. This includes name, date of birth, contact details, session notes, and intake form responses. This is special category health data under UK GDPR.

How we use your data

We use your data only to provide the Practeese service. Specifically:

  • To send you sign-in links and account notifications
  • To send automated reminders and emails to your patients on your behalf
  • To process subscription payments via Stripe
  • To improve the product based on aggregate usage patterns

We do not sell your data. We do not use your data for advertising. We do not share your data with any third party except the sub-processors listed below, which are necessary to run the service.

Patient data

You are the data controller for your patients' data. Practeese acts as a data processor on your behalf under a Data Processing Agreement. We store patient data securely and only access it to provide the service or as required by law.

You are responsible for ensuring you have a lawful basis for processing your patients' data and for informing them that their information is held on Practeese.

Data storage and security

All data is stored on Supabase infrastructure located in the EU (Ireland region). Data is encrypted in transit using TLS and encrypted at rest. Access is restricted to authorised personnel only.

Transactional emails are sent via Resend using AWS SES infrastructure in the EU West region. Payment processing is handled by Stripe Inc, which is PCI DSS compliant.

Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to processing in certain circumstances

To exercise any of these rights, email us at hello@practeese.com. We will respond within 30 days.

Cookies

We use a single session cookie to keep you signed in to the app. We do not use advertising cookies, tracking pixels, or any third-party analytics that track individual users. We do not use Google Analytics.

Data retention

We retain your data for as long as your account is active. If you cancel your account, we will delete your data within 30 days unless we are required by law to retain it longer. You can request deletion at any time by emailing us.

ICO registration

Practeese is in the process of registering with the Information Commissioner's Office (ICO). Registration number will be published here once confirmed.

Contact

For any privacy questions or data requests, contact us at hello@practeese.com. We aim to respond within 2 business days.