Privacy Policy


Thalamos is a website and service that provides a clinical administration system and other features relating to Mental Health Act (MHA) administration. This policy applies to the services offered through the website at , and If you use our clinical administration system at the above listed addresses, this Privacy Policy should be read alongside the Terms of Use you agreed to when signing up. The Terms of Use contain some different and unique terms relating to use of the clinical administration system.

This website is owned and the service provided by Thalamos Limited (we, us, our). Thalamos Limited is registered with the Information Commissioners office under ZA528790. Thalamos Limited is registered in England and Wales under 10814088 at 1 Royal Street, London, England, SE1 7LL.

The purpose of this policy is to explain how we use and protect any personal information that you give to us when you use our website or service. Thalamos is committed to ensuring that your privacy is protected. Personal Information you provide to us will only be used in accordance with this policy. Thalamos may change this policy by updating this page. So you should check back from time to time to make sure you’re happy.

What We Collect

We may collect the following information and personal data from you if you use our Clinical Administration Service. We need this information to provide our service and make sure only registered professionals have access to Thalamos:

  • Name
  • Profession
  • Contact information including email address.
  • Professional registration details
  • Invoicing and payment information
  • Other profile data required for maintaining an account with us, such as passwords.
  • Details on sub processors as outlined in the Terms of Use for audit purposes.

We may collect the following information for other services offered through our website such as events, online content or getting in touch with Thalamos:

  • Demographic information such as postcode and preferences for booking events.
  • Details of website or service features which are being used to improve experience
  • Name and Contact details if getting in touch

If you provide us with your contact details, we may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using an email address you provided. We may also use this information for market research purposes. You can opt out of this at any time by replying to an email.

We may aggregate anonymous data collected from our website and clinical administration system for certain purposes, such as administration and analytics, and share it with third parties This data might be based on personal data but it does not identify you personally. If it does identify you personally – we will treat it as personal data in line with this privacy policy and will not share it.

Use of Information

We will only use your personal data as outlined above and as the law allows. We will normally use the following legal basis for processing your personal data.

  • Consent
  • Fulfilling Contractual Obligations
  • Maintaining Legal or Regulatory Compliance
  • For the purposes of legitimate interest

Information Storage

We will only retain personal data for as long as necessary to fulfil the purpose we collected it for. Personal data is held in electronic databases. We use some service providers who aren’t based in the EEA. Service providers located outside of the EEA are either part of the EU-USA Privacy Shield or based in countries deemed to have adequate levels of protection in place by the European Commission. We are waiting for clarity further to the European court of justice judgement on 16 July 2020 surrounding the privacy shield about what measures will need to be established in its place. To be clear, all data stored on our clinical administration system is stored on servers based in Wales, UK. Data at rest is encrypted using AES-256-bit encryption.

Thalamos is a data controller for your personal information if you use our website or services. If you use our clinical administration system, we process the information you store and share there on your behalf and you are the data controller. We cannot see this information. As the data controller you are responsible for making sure you have the correct authority to store or share the information. If you store, process or share individual identifiable health data on our clinical administration system, we cannot view, use or disclose this information unless legally obliged to do so.

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Retention of data on the clinical administrative system is the responsibility of the account owner who should not keep data for longer than is necessary. The retention period will depend on the reason for using the clinical administrative system.

Information Sharing

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

We may share your data with subcontractors in order to fulfil contractual obligations. We will only do this if necessary and only for the purpose which we disclose it to them for. We may share your non-personal data with third parties for certain purposes such as to enable data aggregation described above.

If you share information on our clinical administration system, data in transit is encrypted using Transport Layer Security (TLS).

How We Use Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Your Rights

You have certain rights relating to your personal data under data protection law. These rights will depend on our reason for processing your information. You have the right to:

  • request access to copies of your personal data.
  • Request we correct any information you believe to be inaccurate.
  • Request we erase your personal data under certain conditions.
  • Request we restrict or object processing of your personal data under certain conditions
  • Request we transfer the data we have collected to another you, or another organisation under certain conditions.

If you wish to exercise your rights (including a Subject Access Request), ask a question or lodge a complaint please contact