Privacy Policy

SEN Help (“we,” “us,” “our”) is committed to protecting your privacy. This policy explains what data we collect, why we collect it, how we use it, and your rights under UK GDPR (the UK General Data Protection Regulation) and the Data Protection Act 2018.

Data Controller: SEN Help, operated by Bupe Lumbeta. Contact: hello@sen.help

What Data We Collect

We collect the following data through our website at sen.help:

For Parents

• Email address (provided when completing the SEND Rights Quiz or downloading resources)
• Local Authority area (selected during the quiz or Get Matched form)
• Quiz responses (Yes/No answers about your council’s conduct)
• Name (provided when submitting a Get Matched request)
• Type of expert needed and urgency level (provided on the Get Matched form)
• A brief description of your situation (maximum 200 characters, provided on the Get Matched form)
• Payment information for digital products (processed by Stripe, we do not store card details)

For Professionals

• Full name, email address, phone number, business name
• HCPC or SRA registration number
• Local Authority coverage areas and specialisations
• Website or LinkedIn URL
• Years of experience
• Professional biography
• Declaration of Professional Indemnity Insurance and Enhanced DBS status

What We Do NOT Collect

We deliberately do not collect:

• Your child’s name, diagnosis, or medical information
• School names
• Any Special Category Data as defined under UK GDPR Article 9

This is by design. SEN Help is an introductory routing service, not a case management platform. We do not need or want sensitive health data about your child.

Why We Collect This Data

We use your data for the following purposes:

• To deliver quiz results and personalised Local Authority information (legal basis: consent)
• To match parents with verified professionals in their area via the Get Matched service (legal basis: consent and legitimate interest)
• To send email communications including your quiz results, SEND briefings, and information about our services (legal basis: consent)
• To process payments for digital products (legal basis: contract)
• To verify professional credentials against HCPC and SRA regulatory databases (legal basis: legitimate interest and contract)
• To maintain a directory of verified SEN professionals (legal basis: contract with professional subscribers)

Who We Share Your Data With

When you submit a Get Matched request, we share your name, email address, and brief description with up to 3 verified professionals in your Local Authority area. You explicitly consent to this when submitting the form.

We also use the following third-party services:

• Stripe (payment processing): stripe.com/privacy
• MailerLite (email marketing): mailerlite.com/legal/privacy-policy
• Google Workspace (business email and file storage): policies.google.com/privacy
• Google Analytics (website analytics, anonymised, no personal data shared)

We do not sell your data to anyone. We do not share your data with advertisers. We do not share your data with Local Authorities or any government body.

How Long We Keep Your Data

• Quiz results: retained for as long as you remain on our email list. Deleted within 30 days of unsubscribing.
• Get Matched requests: retained for 12 months, then deleted unless you have an ongoing relationship with a professional found through the platform.
• Professional profiles: retained for as long as the professional maintains an active listing. Deleted within 30 days of account closure.
• Payment records: retained for 6 years as required by UK tax law (HMRC).
• IP addresses collected for spam prevention: deleted after 30 days.

Your Rights

Under UK GDPR, you have the right to:

• Access your data: request a copy of all data we hold about you
• Rectification: ask us to correct inaccurate data
• Erasure: ask us to delete your data (the “right to be forgotten”)
• Restrict processing: ask us to stop using your data in certain ways
• Data portability: request your data in a machine-readable format
• Object: object to our use of your data for any purpose
• Withdraw consent: withdraw your consent to marketing emails at any time by clicking “unsubscribe” in any email

To exercise any of these rights, email hello@sen.help. We will respond within 30 days.

Cookies

sen.help uses:

• Essential cookies required for the website to function (session management, form security tokens)
• Google Analytics cookies for anonymised website usage statistics

We do not use advertising cookies, tracking pixels, or retargeting cookies.

Data Security

We protect your data using:

• SSL/TLS encryption on all pages (HTTPS)
• Secure payment processing via Stripe (PCI DSS compliant)
• Access controls limiting who can view personal data
• Regular backups with encryption

Children’s Data

We do not knowingly collect data directly from children. Our services are designed for parents and guardians, not for children to use directly.

Changes to This Policy

We may update this policy from time to time. The “Last Updated” date at the top of this page will always reflect the most recent version. Significant changes will be communicated via email to registered users.

Complaints

If you are unhappy with how we handle your data, you can contact the Information Commissioner’s Office (ICO):

• Website: ico.org.uk
• Phone: 0303 123 1113

Contact

For any privacy-related questions: hello@sen.help