Privacy Policy

Last updated: April 18, 2026

Bryn Care ("we", "us", or "the Service") is a beta-stage software platform designed to help therapists manage clients, sessions, and practice operations. This Privacy Policy explains how we collect, use, and protect your information.

The Service is currently provided free of charge and is under active development. By using the Service, you acknowledge and accept the terms of this Privacy Policy.

1. Who We Are

Bryn Care is an independently developed software project and is not currently operated by a registered legal entity. For the purposes of applicable data protection laws, the operator of Bryn Care acts as a data controller for account-related data and as a data processor for client data entered by therapists.

You can contact us at: privacy@mail.bryn-care.com

2. Information We Collect

2.1 Account Information

  • Name and email address
  • Authentication data via third-party providers (see Section 3)
  • Professional or organizational information (if provided)

2.2 Client Data (Entered by Users)

The Service allows therapists to store and manage client information, which may include:

  • Personally identifiable information (e.g., names, contact details)
  • Session notes and scheduling data
  • Other sensitive or health-related information

This data may qualify as special category data under applicable laws.

In relation to this data:

  • The therapist or organization using the Service is the data controller
  • Bryn Care acts solely as a data processor
  • You are responsible for obtaining all necessary consents and ensuring lawful processing of your clients' data

2.3 Usage Data

  • IP address and browser type
  • Pages visited and actions within the application
  • Timestamps and device information

3. Third-Party Authentication (Google Sign-In)

We use Google Sign-In as our primary authentication method. When you choose to sign in using your Google account, you are redirected to Google's authentication service.

By authenticating with Google, we may receive the following information from your Google account:

  • Your name
  • Your email address
  • Your profile image (if available)

We use this information solely to create and manage your account within the Service. We do not access your Google account beyond what is necessary for authentication.

Your use of Google Sign-In is subject to Google's own privacy policies: https://policies.google.com/privacy

4. How We Use Information

  • To provide and maintain the Service
  • To authenticate users and secure accounts
  • To improve features and user experience
  • To monitor performance and detect misuse
  • To comply with legal obligations

We do not use client data for marketing or advertising purposes.

5. Legal Basis for Processing (GDPR)

For users in the European Economic Area:

  • Contract: providing access to the Service
  • Legitimate interests: improving and securing the platform
  • Legal obligation: compliance with applicable laws

Processing of client data is performed on behalf of the therapist, who determines the legal basis (e.g., consent, healthcare provision).

6. Data Sharing

We do not sell personal data. We may share data with:

  • Infrastructure and hosting providers necessary to operate the Service
  • Authentication providers (such as Google) for login functionality
  • Service providers under confidentiality obligations
  • Authorities if required by law

7. Data Retention

  • Account data is retained while your account is active
  • Client data is retained according to your use of the Service and can be deleted by you at any time
  • Upon account deletion, data will be removed or anonymized within a reasonable timeframe, unless retention is required by law

8. Security

We take reasonable technical and organizational measures to protect data, including:

  • Encryption in transit (HTTPS)
  • Access controls
  • Use of trusted third-party providers

9. Your Responsibilities as a User

  • Ensuring lawful collection and use of client data
  • Obtaining informed consent where required
  • Complying with applicable data protection laws

10. Your Rights

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with a supervisory authority

Contact: privacy@mail.bryn-care.com

11. Children's Privacy

The Service is intended for professionals. We do not knowingly collect personal data directly from children.

12. Beta Disclaimer

The Service is provided as a beta product for testing and evaluation purposes. You should assess whether it meets your professional and legal requirements before using it with real client data.

13. Changes to This Policy

We may update this Privacy Policy periodically. Continued use of the Service indicates acceptance of the updated policy.

14. Contact

Bryn Care
privacy@mail.bryn-care.com
bryn-care.com