Skip to content

Legal

Privacy
policy

Last updated: April 2026. What we collect, why, and how to ask us to change or delete it — in plain language.

Free Mind Hypnotherapy ("we," "us," "our") is committed to protecting your privacy. This policy explains what personal data we collect, why we collect it, and how we handle it — in plain language, not legal boilerplate.

Who we are

Free Mind is a hypnotherapy practice operated by Tim Saenen and Damien Delhaye, with locations in Antwerp and Brussels, Belgium.

Data controller: Tim Saenen
Email: tim@free-mind.be
Address: Van der Sweepstraat 5, 2000 Antwerpen, Belgium

What we collect

When you contact us. If you use our contact form or email us, we collect your name, email address, and the content of your message. We use this only to respond to your inquiry. We do not add you to any mailing list without your explicit consent.

When you book a session. Bookings are processed through Cal.com. When you book, Cal.com collects your name, email, and any information you provide in the booking form. We receive your booking details in order to conduct your session.

When you make a payment. Payments are processed through Mollie (a Belgian payment provider) and/or Stripe. We never see, store, or have access to your full credit card number, bank account details, or Bancontact credentials.

When you visit our website. We use Plausible Analytics, a privacy-focused analytics tool hosted in the EU. Plausible does not use cookies, does not collect personal data, and does not track you across sites. No cookie consent banner is required under GDPR because no personal data is processed.

Our site is hosted on Cloudflare Pages. Cloudflare may process your IP address for security and performance purposes (DDoS protection, CDN routing).

When you download our guided audio. If you provide your email to receive the recording, we use it only to deliver the audio and, if you opt in, to send occasional updates about our practice. You can unsubscribe at any time.

During therapy sessions. You may share sensitive personal information including details about your mental health, physical health, relationships, and intimate experiences. This information is treated with the highest level of confidentiality. We do not record sessions without your explicit written consent. Session notes, if taken, are stored securely and are accessible only to your therapist.

Legal basis for processing

Under GDPR (Article 6), we process your data based on:

Consent — when you contact us, book a session, or sign up for our mailing list, you give consent to process the data required for that purpose.

Contract performance — when you book and attend a session, we process data necessary to deliver the service you've requested.

Legitimate interest — we use aggregate, anonymous analytics data to understand how visitors use our site and to improve our services.

Health-related data shared during sessions is considered special category data under GDPR Article 9. We process this data based on your explicit consent, given when you engage our services.

How long we keep your data

Contact form messages: deleted after 12 months unless the inquiry leads to an ongoing client relationship.

Booking records: retained for 2 years for administrative purposes, then deleted.

Session notes: retained for the duration of the therapeutic relationship plus 5 years (in line with Belgian professional standards), then securely destroyed.

Payment records: retained as required by Belgian tax law (7 years for financial records).

Mailing list: until you unsubscribe.

Your rights under GDPR

You have the right to:

Access — request a copy of the personal data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete your personal data ("right to be forgotten").
Restriction — ask us to limit how we use your data.
Portability — request your data in a structured, machine-readable format.
Objection — object to our processing of your data.
Withdraw consent — at any time, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, email tim@free-mind.be. We will respond within 30 days.

Third-party services

We use the following third-party services that may process your data:

Cloudflare (USA/EU) — website hosting and security. Privacy policy.
Plausible Analytics (EU — Germany) — anonymous website analytics. Data policy.
Cal.com (USA/EU) — booking management. Privacy policy.
Mollie (Netherlands) — payment processing. Privacy policy.
Stripe (USA/EU) — payment processing. Privacy policy.

Data transfers outside the EU

Some of our service providers (Cloudflare, Cal.com, Stripe) may transfer data outside the European Economic Area. Where this occurs, these transfers are protected by Standard Contractual Clauses (SCCs) or adequacy decisions as required by GDPR Chapter V.

Security

We take reasonable technical and organizational measures to protect your data, including encrypted connections (HTTPS), secure password practices, and limiting data access to only the therapist you work with.

Complaints

If you believe your data rights have been violated, you may lodge a complaint with the Belgian Data Protection Authority:

Autorité de protection des données / Gegevensbeschermingsautoriteit
Rue de la Presse 35 / Drukpersstraat 35, 1000 Bruxelles
www.dataprotectionauthority.be
+32 2 274 48 00

Changes to this policy

We may update this policy from time to time. Material changes will be noted with a revised "last updated" date at the top.