Privacy Policy

Last Updated: 31.03.2025

​

This Privacy Policy ("Policy") governs the collection, use, processing, and dissemination of personal data by Rooted in Support ("we," "us," or "our") in connection with the use of our website (https://www.rootedinsupport.com/) and the provision of online therapy services. By accessing or using our services, you ("Client," "User," or "You") agree to the terms set forth in this Policy. This Policy applies to all personal data collected, processed, and stored in accordance with the laws and regulations of the European Union, including but not limited to the General Data Protection Regulation (GDPR), and the applicable laws of the Republic of Bulgaria.

​

1. Business Information

Rooted in Support, a business registered and operating in Bulgaria, provides online therapy services utilizing Internal Family Systems (IFS) methodology to clients worldwide. As an entity processing personal data, we comply with the applicable provisions of Bulgarian personal data protection laws and the GDPR.

For further information regarding the Bulgarian legal framework for personal data protection, please refer to the website of the Commission for Personal Data Protection: www.cpdp.bg.

​

2. Data Collection, Purpose, and Use

​

a) Data Collection
In the course of providing our services, we may collect the following categories of personal data:

• Identification Information: Such as your name, email address, phone number (if provided).

• Transactional Data: Including payment details (if provided), session history, and booking data.

• Service Usage Data: The number of sessions undertaken, payment records, and associated timestamps related to your therapy sessions.

• Technical Data: Data collected through the use of cookies or other tracking technologies, including but not limited to Wix-specific cookies and similar technologies.

​

b) Data Collection Methods
We collect personal data directly from you through our online platform hosted by Wix.com. This includes data provided through booking forms, payment processing systems, and user interactions with the website.

​

c) Purpose of Data Processing
The personal data collected is processed for the following purposes:

• To provide and operate therapy services, including the scheduling of sessions and processing of payments.

• To offer ongoing customer support, including technical assistance and service-related inquiries.

• To communicate service-related notices, reminders, and promotional updates, in compliance with your preferences.

• To generate aggregated statistical data to improve our services and better understand client needs, subject to your consent where required.

• To comply with applicable legal and regulatory obligations, including record-keeping and reporting requirements.

​

d) Cookies and Tracking Technologies
We, in conjunction with Wix, employ cookies and similar tracking technologies to ensure the functionality, security, and performance of our platform. These technologies are utilized to enhance user experience, monitor the platform’s operation, and ensure service availability.

Cookies in use on our platform include: ssr-caching, server-session-bind, fedops.logger.sessionId, mpaSessionId, and similar technologies employed by Wix.

​

3. Data Storage, Retention, and Security

​

a) Data Storage and Security
Personal data is securely stored in data centers provided by Wix.com, which employs stringent security measures to protect your information from unauthorized access, alteration, or destruction. All data is retained within the European Economic Area (EEA), or other jurisdictions deemed adequate under the relevant data protection regulations.

​

b) Payment Data Security
In line with the Payment Card Industry Data Security Standard (PCI-DSS), Wix and our associated payment processors utilize industry-standard security protocols for payment transactions, ensuring secure handling of sensitive payment information.

​

c) Data Retention
Personal data will be retained for the duration necessary to fulfill the purposes outlined in this Policy, including for legal and regulatory compliance, unless a deletion request is made in accordance with your rights outlined below.

​

d) Security Measures
We take all reasonable and appropriate technical and organizational measures to ensure the security of your personal data, including encryption and access control. However, while we endeavor to protect personal data, we cannot guarantee the absolute security of data transmitted over the internet.

​

4. Data Sharing and Third-Party Services

We do not disclose or sell personal data to third parties except as specified below:

• Wix.com: As our platform provider, Wix processes personal data to facilitate the functioning of our website and services.

• Payment Processors: Personal data necessary for transaction processing may be shared with third-party payment processors in accordance with the privacy policies of those services.

• Legal Requirements: We may be required to disclose personal data to governmental authorities, regulators, or law enforcement if mandated by applicable law.

​

We also receive personal data from third-party sources, and any such data is processed in accordance with this Privacy Policy and any specific restrictions imposed by the source of the data.

​

5. Client Rights

​

In accordance with the GDPR, you possess the following rights regarding your personal data:

• Right to Access: You have the right to request access to the personal data we hold about you.

• Right to Rectification: You may request that we correct any inaccurate or incomplete personal data.

• Right to Erasure: You may request the deletion of your personal data, subject to applicable legal exceptions.

• Right to Restriction of Processing: You may request a restriction on the processing of your personal data under certain circumstances.

• Right to Data Portability: You have the right to request a transfer of your personal data to another service provider, subject to technical feasibility.

​

To exercise any of these rights, please contact us at therapy@rootedinsupport.com.

​

6. Legal Compliance

​

As we operate within the European Union and provide services globally, we comply with the requirements of the General Data Protection Regulation (GDPR) and other relevant laws. Depending on your jurisdiction, additional local privacy regulations may apply, and we are committed to ensuring compliance with all applicable laws.

​

7. Contact Information

​

For inquiries related to this Privacy Policy or to exercise any of your rights, you may contact us at:
Email: therapy@rootedinsupport.com

We reserve the right to update or amend this Privacy Policy periodically.