Privacy Policy

Privacy & Cookie Policy

Last Updated: 20th February 2026

1. Introduction

MindPath is committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR) and Irish data protection laws. This policy outlines how we collect, use, store, and safeguard your personal information.

2. Data We Collect

We collect the following categories of personal data:

2.1 Personal Information
  • Name, date of birth, address, and contact details.
2.2 Clinical Data
  • Self-reported symptoms, medical history, and consultation notes.
2.3 Payment Information
  • Processed and stored securely via Stripe.
2.4 Technical & Analytical Data
  • Cookies and tracking tools for website analytics, marketing and service improvement.
2.5 Children’s Personal Data

Where MindPath provides services to children or adolescents under the age of 18, we may process additional categories of personal data, including:

  • The child’s identifying and demographic information;

  • Health and clinical information relevant to assessment and care;

  • Information provided by parents or legal guardians;

  • Educational or developmental information (such as school reports), where relevant and consented to.

For children under the age of 16, we will only process personal data with verifiable consent from a parent or legal guardian, in accordance with the General Data Protection Regulation (GDPR) as implemented in Ireland. We do not knowingly collect personal data directly from children under 16 without appropriate parental or guardian consent.

3. How We Use Your Data

Your data is used for the following purposes:
 Providing ADHD assessments and diagnosis.
 Processing and managing appointments.
 Handling payments securely.
 Providing aftercare services.
 Website functionality and performance tracking.

We do not sell or share personal data with third parties.

4. Legal Basis for Data Processing

 

4.1 Under GDPR, we process personal data based on:

  • Contractual necessity (to provide our services).
  • Legitimate interest (service improvements and analytics).
  • Legal compliance (medical record retention and data protection regulations).

 

4.2 Children’s Data

Where we process personal data relating to children:

  • For children under 16 years of age, processing is based on explicit consent provided by a parent or legal guardian;

  • For special category data (including health data), processing is carried out in accordance with Article 9(2)(a) and/or Article 9(2)(h) GDPR, where applicable and lawful.

Consent records are maintained in accordance with GDPR requirements and may be withdrawn at any time, subject to legal and clinical record-keeping obligations.

 

5. Data Storage & Security

  • Personal data is stored on secure servers in compliance with GDPR.
  • Access to data is restricted to authorised personnel only.
  • Payment details are handled by our payment processor Stripe.

 

6. Your Rights Under GDPR

6.1 You have the right to:

  • Access your data.
  • Request correction of inaccurate information.
  • Request deletion of your data (where legally applicable).
  • Restrict processing under certain conditions.
  • Request data portability.

To exercise these rights, contact info@mindpath.ie.

 

6.2 Children & Parent Rights Under GDPR

Children have the same data protection rights as adults under GDPR. Where a child is under the age of 16, these rights may be exercised by a parent or legal guardian on the child’s behalf.

When responding to requests relating to a child’s data, we may take into account:

  • The age and maturity of the child;

  • The best interests of the child;

  • Our legal and professional obligations regarding clinical record retention.

Certain rights (such as erasure) may be restricted where we are legally required to retain healthcare records.

 

7. Cookies & Tracking Technologies

MindPath uses cookies for:

  • Essential functionality (site performance and security).
  • Analytics & performance monitoring (Google Analytics, etc.).
  • Marketing purposes, where consent is provided.

You can manage cookie settings through your browser and our partner, Cookiebot.

 

8. Third-Party Services

We work with a number of third party services to be able to offer our care, including but not limited to:

  • Acuity Scheduling (for appointment booking).
  • Stripe (for secure payment processing).
  • Novopsych (for psychometric testing)
  • Hubspot (for client communication)


All third-party services comply with GDPR regulations.

 

9. Data Retention

  • Clinical records are retained only for as long as necessary under medical and legal obligations.
  • Payment details are stored in Stripe for transaction purposes only.

 

Retention of Children’s Clinical Records

Where services are provided to children or adolescents, clinical records may be retained for longer periods than adult records in accordance with Irish healthcare, regulatory, and professional standards. In some cases, records may be retained until the child reaches adulthood plus any additional statutory retention period.

Retention periods are reviewed regularly and limited to what is necessary for legal, clinical, and regulatory purposes.

 

10. Data Breach Policy

In the event of a data breach, we will:
 1️Identify and contain the breach.
 2️ Notify affected users within 72 hours, per GDPR guidelines.
 3️ Implement corrective actions to prevent future occurrences.

 

Ascendia Channel Partners Limited is the Data Controller for the personal data it collects and processes in providing its services.

 

11. Contact & Complaints

For privacy concerns, contact:
info@mindpath.ie

 

12. Policy Updates

MindPath may update this Privacy & Cookie Policy as needed. Continued use of our services constitutes acceptance of any changes.

 

Start ADHD Pre-Assessment - €9.99
Start Autism Pre-Assessment - €9.99
Start AuDHD Pre-Assessment - €14.99