Updated 12 September 2023
For Bravely Connect users (Practitioners & Clinics)
1. Strict Data Sale Prohibition
2. Safeguarding Therapeutic Records
Mental health discussions and records are uniquely sensitive, and we fully recognise the gravity of safeguarding such information. Bravely Connect is committed to ensuring that any mental health data or therapeutic records entered into our platform are managed with the highest levels of care, discretion, and confidentiality. Bravely encrypts all therapeutic records, reinforcing our commitment to their protection. We maintain stringent access controls: only authorised personnel can access the encrypted data, and even then, only when critically required. Rest assured, while we strive to provide a reliable platform for mental health practitioners, we maintain an unwavering respect for the sanctity of mental health records.
3. Data Storage and Categories
At Bravely, our primary and sole reason for storing data is to facilitate the use of our services by our customers. We take privacy seriously and want to emphasise that, while we store certain data for functionality, our systems are designed to prevent unauthorised access to confidential information shared within therapeutic settings.
Data that we store:
Customer Account Data: Information provided when registering in Bravely Connect, including personal details and professional credentials.
Client Data: Any therapeutic records or data inputted concerning your clients.
Transactional Data: Details of financial transactions, albeit without direct access to payment specifics.
Other Data: Information shared via our website, apps, or through direct communication.
All stored data adheres to relevant data protection regulations.
4. Processing Customer Account Data
When registering an account, we accumulate your data to ensure streamlined delivery of our services and features.
Your privacy is paramount. We pledge to honour your confidentiality across all platforms and sites we operate. Information is solely acquired for service delivery, safeguarded against unauthorised access, and retained only as long as it fulfils our service commitment and complies with our Terms & Conditions.
5. Processing Client Data
Client confidentiality is of utmost importance to us. We do not share any Personally Identifiable Information (PII) unless it is mandated by law, explicitly permitted by you, or is in strict accordance with our Terms of Service. Upon discontinuation of our services, your data is queued for deletion. However, we may retain it for a duration consistent with the recommendations of Singapore's Personal Data Protection Act (PDPA) guidelines before permanent erasure.
6. Data Security
Bravely Connect partners with leading cloud service providers. We ensure your data's security by adhering to the high cloud security standards, using SSL/TLS to protect data in transit, and we supplement this with AES-256 encryption.
7. Age Restrictions and Parental Consent
Bravely Connect is primarily designed for mental health practitioners working with adult clients aged 18 and above. If practitioners intend to engage with clients younger than 18, it's mandatory to obtain verifiable parental consent. Furthermore, all interactions with minors should be supervised in accordance with applicable laws and ethical guidelines.
8. External Links and Third-Party Services
Our platform may contain links to third-party websites or services, these are not governed or controlled by Bravely Connect. We strongly recommend users review the privacy policies and terms of any third-party sites or services they access through our platform. Bravely Connect disclaims responsibility for the content, actions, and privacy practices of these external entities.
A. Google Calendar Integration
Bravely Connect's appointment scheduling feature is integrated with Google Calendar to offer users a streamlined experience:
Requestor of your Google Calendar Data: Bravely Connect will require access to synchronise appointments from our platform to your Google Calendar.
Data Access: For the synchronisation to work effectively, Bravely Connect requests both read and write permissions to your Google calendars and Google Calendar Events.
Purpose: This integration is not optional if you wish to use the appointment scheduling feature on Bravely Connect. It's designed to ensure users have real-time updates, conflict checking and can manage their appointments efficiently through their Google Calendar.
Data Sharing: Your privacy remains our top priority. Your Google Account data and calendar details are kept confidential and are not shared with any other Bravely Connect account or third-party entities.
B. Payment Processing with Stripe
Bravely Connect uses Stripe for secure and efficient payment processing. Here's what you should know about how we manage this:
Data Collection and Transmission: When processing payments, Bravely Connect collects and sends relevant data through Stripe's secure infrastructure.
Data Usage: Data shared with Stripe is strictly for the purpose of completing your transactions or addressing any disputes/chargeback situations. From time to time, we may also be required to share certain personally identifiable information about the payers to comply with Stripe's terms of service and to provide necessary documentation in the event of a payment dispute.
Security: Stripe is a leading payment processor known for its rigorous security standards. When you process a payment on Bravely Connect, you can be confident that your financial information is managed with utmost care and security.
Data Retention: Bravely Connect does not store your financial details. Instead, we rely on Stripe's secure tokenisation process to handle and store sensitive payment data.
9. User Rights and Contact
You have the right to access, modify, or request the erasure of your data. However, please note that erasing certain data may impact the usability of some of our features. Send requests concerning your data to our Data Protection Officer via email, and we'll comply in accordance with Singapore's Personal Data Protection Act (PDPA). For any queries or concerns, please reach out to email@example.com.
10. Jurisdiction & Governing Law
11. Changes to this Policy
Updates might be introduced periodically. Significant changes will be notified via an updated posting on this page.