As a therapist, you know how important it is to keep your clients' personal information private. While it's essential for any business or individual who has access to or collects data from their users to display a Privacy Policy, it's maybe especially pertinent for therapists.

Your clients need to be able to trust you, and in today's digital world the first impression you make is often via your website. Including a Privacy Policy on your website that assures potential clients that their information is safe with you is the first step toward building a trusting relationship with them.

This article will help you create and display a Privacy Policy for your therapy practice.

Our Privacy Policy Generator makes it easy to create a Privacy Policy for your business. Just follow these steps:

  1. At Step 1, select the Website option or App option or both.

    TermsFeed Privacy Policy Generator: Create Privacy Policy - Step 1

  2. Answer some questions about your website or app.

    TermsFeed Privacy Policy Generator: Answer questions about website - Step 2

  3. Answer some questions about your business.

    TermsFeed Privacy Policy Generator: Answer questions about business practices  - Step 3

  4. Enter the email address where you'd like the Privacy Policy delivered and click "Generate."

    TermsFeed Privacy Policy Generator: Enter your email address - Step 4

    You'll be able to instantly access and download your new Privacy Policy.

What is a Privacy Policy?

A Privacy Policy is a statement that tells your users how you collect their personal information and what you do with it. That means clearly describing what methods you use to collect their data, and being descriptive and transparent about how you use the data you collect.

As a therapist, you might collect data via more direct methods such as newsletter subscription forms or membership registration forms, or through transactional forms when you book an appointment or sell a product.

Other less obvious means of data collection include website tracking, analytics software and cookies.

Your Privacy Policy should inform users what you do with their personal information once you collect it. Do you share it with any third parties, and if so, who? Your Privacy Policy should also tell users how you manage and store their data and keep it safe.

Why is a Privacy Policy Important?

Why is a Privacy Policy Important?

Including a Privacy Policy on your website is important because it shows your users (and potential clients) that you care about their privacy and value transparency when it comes to how you collect their personal information and what you do with it.

Privacy Policies are also legally required whenever your website collects personal information.

Depending on where in the world you work, your practice may fall under privacy laws from other countries. If you work in one country but virtually see clients based in another country, the privacy laws of their home country may apply to your website.

Global privacy laws that might apply to your website include:


  • The California Consumer Privacy Act (CCPA) and its CPRA amendments
  • The California Online Privacy Protection Act (CalOPPA)


  • The Personal Information Protection and Electronic Documents Act (PIPEDA)

The EU

  • General Data Protection Regulation (GDPR)

What Counts as Personal Information?

Personal information refers to any information that can be used to identify an individual. This might include a single piece of information, such as a user's name, or it could be separate pieces of information that could be combined to identify the individual, such as their birthdate and address.

Personal information can include identifying information such as names, physical and email addresses, birthdays, Social Security numbers, banking information, IP addresses, and web-browsing activities.

What Clauses Should a Therapist's Privacy Policy Include?

What Clauses Should a Therapist's Privacy Policy Include?

As a therapist, you will be collecting personal information such as names, email addresses, and telephone numbers in order to book appointments and stay in communication with your clients. You may also collect financial information if you sell services or products on your website.

Your Privacy Policy should let users know how you collect and use personal information, whether you share it with any third parties, how long you keep personal information and how you keep it safe, and how users can contact you and delete their information if necessary.

Let's take a look at some specific clauses your Privacy Policy should include.

How You Collect Personal Information

Your Privacy Policy should let users know how you will be collecting and storing their information.

You might collect their data automatically, through cookies or website tracking, or voluntarily, through subscription forms or surveys.

Dr. Nicole LePera clearly informs users as to whether her site collects information voluntarily or automatically, and describes how the collection process works:

Dr Nicole LePera Privacy Policy: Introduction clause

Dr. LaPera does an admirable job of using direct language to tell her users exactly how her website gathers personal information. Another important clause to add to your Privacy Policy is what third parties you share information with.

Who You Share Personal Information With

Your potential clients will want to know whether you will be sharing their personal information with any third parties.

Common third parties you might share user information with might be any analytics software or Customer Relationship Management (CRM) technology you use to track user habits or schedule client appointments.

Des Canning's Privacy Policy lets users know that the information his website collects may be shared with IT providers, shipping and delivery contractors, professional advisors, debt collectors, or for any legal purposes.

He also informs users that the website may use third party payment websites, and encourages users to check the Privacy Policy of such sites before submitting personal information:

Des Canning Privacy Policy: Disclosure of Your Information clause

Potential clients want to know who you plan on sharing their data with, but they also want to know what you personally plan to do with their information.

What You Do With Personal Information You Collect

Telling your clients how you use their personal information can help to build your credibility as a therapist who cares about keeping their data safe and using it to provide the best possible services.

You should be as transparent as possible about your reasons for collecting their data. Using direct, precise language can help you to effectively communicate these reasons.

Collecting users' personal information may be necessary for communication and scheduling purposes, or it might help you to improve your methods for supporting their healing process.

Whatever reasons you have for collecting their information, it's important to let users know why you are doing it.

Dr. Lauren Fogel Mersy tells users that she collects data to provide and improve services and to communicate changes to her Privacy Policy or Terms of Service:

Dr Lauren Fogel Mersy Privacy Policy: How We Use This Information clause

Telling users why you collect their personal information can serve as the first step in helping them feel like they can trust you with their problems. You also want to let them know how long you plan on holding onto their information.

How Long You Keep Their Personal Information

You should let your users know how long you will retain their information. If you don't have a legitimate need to keep users' data, it's good business practice to safely dispose of it.

Lisa Olivera lets users know that she will keep their information for as long as necessary to comply with legal obligations, as well as for internal analysis and security and functionality purposes:

Lisa Olivera Privacy Policy: Retention of Your Personal Data clause

Regardless of how long you keep users' data and for what reasons, you should also include a clause letting people know how they can change their stored information if it changes. We'll look at that more in the next section.

How Users Can Edit Their Personal Information

It's imperative to give users clear instructions as to how they can access and edit their data as needed. One way therapists do this is to give people the option of emailing a request to change or delete their data.

Minaa B. Consulting lets users know that it will delete personal information upon request and will communicate to its service providers to do the same.

Minaa B Consulting Privacy Policy: Right to Deletion clause

It also outlines the circumstances in which it's unable to satisfy requests to delete personal information, including security and functionality purposes as well as compliance with legal obligations:

Minaa B Consulting Privacy Policy: Right to Deletion clause - Exceptions section

How You Keep Their Personal Information Safe

Part of your job as a therapist is to make your clients feel safe, and providing that sense of safety can start with your Privacy Policy.

Including a clause about how you store and manage users' information is a small thing that can go a long way in building a trusting relationship between you and your clients.

This part of your Privacy Policy can cover the methods you use to keep users' information safe, such as using encryption tools or anti-malware software, providing security training for employees, or hiring experts to keep inventory of and protect any data you collect.

Dr. Britt Frank informs users that her website takes measures to protect their data, and that users must also take steps to keep their passwords confidential:

Dr Britt Frank Privacy Policy: Data Security clause

How Users Can Contact You

You've gone through all of the work of making a Privacy Policy that includes clauses that shows your potential clientele that you care about their privacy, the final step is to make sure that you give them a way to get a hold of you for any questions or to book an appointment.

As a therapist, you want to make it as simple as possible for users to contact you. That might mean providing multiple contact links on various pages of your website, as well as in the header and/or footer.

It's also a good idea to add a clause to your Privacy Policy that contains your contact information.

Dr. April Snow includes her mailing address, email address, and telephone number to ensure that users can get in touch with her in a variety of ways:

Dr April Snow Privacy Policy:Contact Information clause

Now that you have your Privacy Policy written, it's necessary to make sure that you display it in a place where visitors to your site can easily find it. Let's look at some of the best practices for this.

Where Should You Display a Privacy Policy?

Where Should You Display a Privacy Policy?

There are many places you can display your Privacy Policy on your website, including the footer, subscription forms, or the membership login area.

Putting your Privacy Policy in the footer of your website is a good way to ensure that users can access it from any page of your website.

The footer of Des Canning's website includes a link to the Privacy Policy in the footer. You can see it's larger and set a bit separately away from the other links to help draw attention to it and make it easier to find:

Des Canning website footer with Privacy Policy link highlighted

Displaying a link to your Privacy Policy at the bottom of each email gives everyone you communicate with the chance to learn about how you handle their personal information.

Client Appointment Booking Interface

Your clients should have the option to read your Privacy Policy before booking an appointment with you. Make it easy for them by placing a clickable link directing them to your Privacy Policy page within the appointment booking interface.

Subscription or Registration Forms

Many therapists now offer newsletters or courses as a way to help their clients remotely. Be sure to include an unticked checkbox to get consent on your subscription or registration forms and to ascertain that they've read and agree to your Privacy Policy.

FormAssembly example form with checkbox to accept Privacy Policy and Terms of Service

Checkout Page

If you sell appointment packages or consultation services through your website, you can add an unticked checkbox or link to your Privacy Policy on your checkout page.

Basilica checkout form with Privacy Policy link highlighted

Membership Login

Some therapists offer membership portals where their clients can access their records or any courses or materials they have purchased from you. You can add a link to your Privacy Policy on your membership login page to make it easy for members to view.

Dr. Nicole LePera puts a link to her Privacy Policy below the login area on her membership page:

Dr Nicole LePera Login form with Privacy Policy link highlighted

Making sure your Privacy Policy is visible, easily accessible, and clearly worded helps your users to understand how much you value their privacy and can help them to trust that you will keep their therapy sessions confidential.


As a therapist, adding a Privacy Policy to your website is not only a legal obligation. It also serves the function of showing users that they can trust you with their personal information.

When creating a Privacy Policy you will want to make sure that you include the following clauses:

  • How you collect personal information
  • Who you share personal information with
  • How you use personal information
  • How long you keep personal information
  • How users can find or delete their personal information
  • How you keep personal information safe
  • How users can contact you

You will also want to ensure that your Privacy Policy is visible and easily accessible by all visitors to your website by linking it to your website's footer and in areas where you collect personal information such as appointment booking forms, checkout pages and client login forms.

Privacy Policy Generator
Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy