Back

Privacy Policy

Last updated: 27 June 2026

1. Overview

This policy explains what personal data is collected through this site, why it is collected, and how it is used. Things are kept simple — only the minimum needed is collected. Your data will never be sold to anyone.

The data controller is Dane Madore. If you have questions about your data, contact hello@danemadore.com.

2. What is collected

Mailing list: Your email address, provided when you sign up. This is used solely to send you published content and updates. You can unsubscribe at any time.

Booking enquiries: When you contact us to book a therapy session or consulting appointment — by email or through the site — your name, email address, and whatever context you choose to share are received. This information is used to arrange and deliver the session.

Payment information: Payments are processed by Stripe. Your full card details are never seen or stored on this site. Stripe provides a transaction record (amount, date, last four digits of your card) so that payments can be matched to bookings. Stripe's handling of your payment data is governed by Stripe's Privacy Policy.

Learning platform: When you enrol in a course, you create an account on the learning platform. This involves your name, email address, and a password. Your course progress and assessment results are also recorded in order to issue certification.

Session content: Defusion Therapy sessions and consulting sessions are confidential. Anything you share during a session is treated in confidence and is not shared with third parties unless required by law or with your explicit consent.

Website analytics: Privacy-respecting, cookieless analytics is used to understand how visitors use the site (e.g., which pages are visited, general geographic region). It sets no cookies and is not used to identify individual visitors or build advertising profiles.

Diane (AI chat) conversations: You can talk to Diane on the public site without an account, and within the courses as your tutor. Your messages and her responses are processed to generate replies and — for students — to track your progress and keep the tutoring coherent. This processing is carried out by specialist AI infrastructure providers acting on our instructions, solely to provide the service. Public conversations are stored under an anonymous session identifier; course conversations are stored with your account. If you use voice input, your speech is converted to text — on your device where your browser supports it, otherwise by a transcription provider — and only the text is kept. All conversations are reviewed automatically for abuse and misuse, and flagged conversations may be reviewed by a person (see Security and abuse prevention below). Anonymised, de-identified observations derived from conversations are retained for research and to improve the programme; these are stripped of personal identifiers.

Technical and security data: When you use the platform, your IP address and device/browser information (user-agent) are recorded. This is used to keep the service secure, prevent and investigate abuse, and — where necessary — block access from a network engaged in abuse.

Reviews and support tickets: If you submit a course review, your rating and any text you write are stored; if you and we choose to publish it, it appears on the site shown only by your initials. If you submit a support ticket, your name, email, and the details you provide are stored so the issue can be resolved.

3. Why it is collected

Under the UK GDPR, your data is processed on the following legal bases:

Contract: To deliver services you've booked — therapy sessions, consulting appointments, or the certification programme.

Consent: To send you the mailing list. You can withdraw consent at any time by unsubscribing.

Legitimate interest: To keep the platform secure and prevent abuse, to improve the services offered, and to understand how the site is used.

4. Who it is shared with

Your data is shared only where necessary to deliver the services:

Stripe processes payments. Specialist AI infrastructure providers process chat messages, on our instructions, solely to generate Diane's responses. Email, hosting, and security providers deliver messages, serve the sites, and protect the forms. Each provider receives only what it needs to perform its function.

Your personal data is never sold, rented, or traded. Information will be disclosed only if required by law or by a court order.

5. Cookies

This site uses minimal, essential cookies only. The learning platform uses session cookies to keep you logged in; the public chat sets a short-lived cookie so Diane can keep the thread of your conversation; and the bot-protection service sets its own cookie when verifying that a request is genuine. No third-party advertising or tracking cookies are used.

The analytics used by this site is cookieless and aggregated — it sets no cookies and does not track or identify individual visitors, so it requires no cookie consent under UK GDPR. If this ever changes, this policy will be updated and your consent sought where required.

6. Security and abuse prevention

HTTPS is used across all sites. Payment data is handled entirely by Stripe under PCI-DSS standards. LMS accounts are password-protected with two-factor authentication.

To keep the platform safe, conversations with the AI tutor are reviewed automatically for abuse — for example threats, harassment, or deliberate attempts to misuse or manipulate the system. Where such behaviour is detected, the account may be suspended automatically and a report generated for review. We record the IP address and device information associated with the activity, and may block access from a network engaged in abuse. If an account is suspended or an address blocked in error, contact hello@danemadore.com and it will be reviewed.

No system is perfectly secure, but reasonable and appropriate measures are taken to protect your information.

7. How long data is kept

Mailing list: Until you unsubscribe, at which point your email is deleted from the list.

Booking enquiries: Kept only as long as needed to arrange and deliver the session you requested, then deleted. Payment records are retained separately for tax (see below).

Certification records: Your enrolment, progress, and certification status are retained indefinitely so that your qualification can be verified. You may request deletion of your LMS account, but a record that the certification was issued will be retained.

Payment records: Retained for up to 7 years for accounting and tax compliance.

Reviews: Kept while published or until you ask for removal. Security and abuse logs (including IP and device information and abuse reports): kept while they remain relevant to investigating and preventing misuse and protecting the platform.

Anonymised research observations derived from AI-tutor conversations are retained indefinitely; because they contain no personal identifiers, they are no longer personal data and are not affected by deletion of your account.

8. Your rights

Under UK GDPR, you have the right to:

Access the personal data held about you. Correct any inaccurate data. Delete your data, subject to any legal or professional retention obligations. Restrict or object to certain processing. Port your data to another service where technically feasible. Withdraw consent at any time for consent-based processing (such as the mailing list).

To exercise any of these rights, email hello@danemadore.com. You will receive a response within 30 days.

If you are not satisfied with how your data is handled, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. International transfers

Hosting and service providers may process data outside the UK. Where this happens, appropriate safeguards are in place (such as standard contractual clauses or adequacy decisions) to protect your data to the standard required by UK GDPR.

10. Changes to this policy

This policy may be updated from time to time. The date at the top of the page will always reflect the latest version. For significant changes, mailing list subscribers will be notified by email.

11. Contact

For anything related to your privacy or personal data, email hello@danemadore.com.