top of page

Privacy Policy

Last updated: 2 November 2025

Who we are

Harbour ("we","us","our") is a trading name of C.Essentials LTD, registered in England and Wales (company No.16001166). We provide text-based emotional support services through our website and digital platforms.

Contact us at harbourwellbeing@zohomail.eu for any privacy or data-related questions.

Purpose of This Policy

This privacy policy explains.

  • What personal data we collect,​

  • how and why we use it,

  • how we keep it secure, and

  • your rights under UK data protection law.

We comply with the UK general data protection regulation (UK GDPR) and the Data protection Act 2018.​

What personal data we collect

Depending on how you use our service, we may collect:

Account & Subscription Information

  • Name, email address, and billing information

  • Subscription details and payment confirmations (processed by Stripe)

Communication Data

  • Messages and information you choose to share during text-based support

  • Feedback or contact form messages

Technical Data

  • IP address, browser type, and device information

  • Cookies or usage analytics (see Section 8)

How we use your data

We process personal data to:

  • Provide emotional-support services

  • Manage subscriptions and payments

  • Communicate updates or service changes

  • Improve our website and user experience

  • Comply with legal obligations (e.g., tax records)

We do not sell or rent your data to third parties.

Lawful basis for processing

We process your data under one or more of the following lawful bases:

  • Contractual necessity – to provide the service you’ve subscribed to.

  • Consent – when you voluntarily share personal information or opt in to communications.

  • Legal obligation – to comply with HMRC or data protection regulations.

  • Legitimate interests – for service improvement, customer support, or fraud prevention.

Confidentiality and safety

Your messages and personal data are treated as confidential.

Only authorised Harbour listeners and administrative staff have access to limited client information, strictly on a need-to-know basis.

If we believe there is a serious and immediate risk of harm to you or someone else, we may contact emergency services — this is the only exception to full confidentiality.

How we store and protect Data

  • All digital data is stored securely using encrypted servers and GDPR-compliant cloud providers.

  • Messaging takes place via encrypted platforms such as Telegram.

  • We use strong passwords, secure access controls, and regular audits to protect your information.

  • Payment information is handled solely by Stripe, a PCI DSS–compliant provider. Harbour does not store card details.

Cookies and Analytics

Our website may use minimal cookies or analytics tools to understand how visitors interact with our pages (for example, Google Analytics or Fathom).

You can disable cookies in your browser settings at any time.

Analytics data is anonymised and cannot identify individual users.

Data Retention

We retain your personal data only for as long as necessary to:

  • Provide the service,

  • Comply with legal and tax obligations, or

  • Resolve disputes.

Chat records are typically retained for up to 6 months after your subscription ends, unless deletion is requested sooner.

Your Rights Under UK GDPR

You have the right to:

  • Access a copy of your personal data

  • Request correction or deletion of inaccurate data

  • Withdraw consent at any time

  • Request restriction of processing

  • Data portability (where applicable)

  • Complain to the Information Commissioner’s Office (ICO) if you’re concerned about how your data is handled: https://ico.org.uk

Third-Party services

We partner only with GDPR-compliant providers:

 

  • Stripe – payment processing

  • Zoho – business email

  • Telegram  encrypted communication

  • Wix – website hosting

Each third party maintains its own privacy and security policies.

International Data Transfers

Where data is stored outside the UK (e.g. by cloud providers), we ensure adequate protection through UK-approved Standard Contractual Clauses or equivalent safeguards.

Changes to this policy

We may update this Privacy Policy periodically.

The latest version will always be published on our website with the “Last updated” date shown above.

bottom of page