Go to Top
your ABA
taster now

At Beam, we take the privacy and safety of our service users very seriously. We have written this document to tell you:

  • What information (data) we collect.
  • How we use it
  • How long we store it
  • Your rights with regard to the information you share with us.


Your Data – Your Rights

When you sign up to Beam, you give us some basic information. This information is called “data”.

This data tells us what services we provide to you and used to process payment for such services. This information is stored securely on our servers and is anonymous and encrypted. (Coded which ensures your data is protected)

We use this data to measure how we are performing as a service and to improve our service.


Progress review reports

We are asked by the people who pay for the service – the local authority, the CCG, and/or our families directly, to provide them with a progress review report specific to a service user. We share these reports only with those with whom we have been requested to do so, i.e., for whom we have consent to share with.


Referral from Beam to external services

Sometimes getting extra help for you can be really helpful, depending on where you live you may be given the option of a referral to another service in your area. These services may be operated by Beam or a partner organisation.

If you choose to self-refer to one of these services through the Beam platform you will be asked to give us your personal details: your name(s), address, phone number and date of birth. This information/data is called Personally identifiable information or PII for short.

Your PII will be stored on the Beam system and is only accessible to the Beam Team and the organisation you are being referred to. The clinician will seek your consent to pass over your details, although we will ‘act’ to protect you without your consent if necessary or if you are unable to give consent. We will always let you know who we are passing details to and would work with you to agree every step we may take and why, if this is appropriate to do so.



If we are really worried about you and think that you are at risk or danger, we will talk to you about the need for somebody outside the Beam team to know what has happened or what is happening to you.

We would only do this if:

  • your life is at risk because of something you are doing
  • you are at risk from somebody else
  • you are a risk to somebody else.

In these cases, we have a duty of care to inform the relevant safeguarding teams and/or Care Quality Commission.

Your PII will be stored on the Beam system and is only accessible to the Beam Team and the organisation you are being referred to. We will always:

  • Seek your consent to pass over your details, although we will act to protect you if you are at risk of harm, if you tell us something which means you could pose a risk to others or if you are unable to give consent
  • Let you know who we are passing details to and why.
  • Keep you informed of any actions we intend to take.
  • Where possible, we will work with you to agree every step taken.


Your right to withdraw your consent

You have the right to withdraw consent if you have shared any personal identifiable information with us and we are able to identify you.  You can withdraw your consent to share information at anytime.  A request to withdraw consent should be sent to Judy Happe who is our Data Protection Officer.

The contact email address is DPO@mindzonegroup.com


 The right to view the data we hold about you.

Families, children, and young people have the same rights as adults to see what data is kept about them. If you want to view your records at Beam you can do so by messaging our Data Protection office: DPO@mindzonegroup.com.

We can only show you your data if we know who you are and can provide proof of your ID.

Because your data is sensitive and may be triggering we don’t post out data to children and young people, but will invite you into our office in Manchester or London, so that a Beam clinician can provide support to you while you view your data.




Referrals to Beam from external services in from a third party

Sometimes, children and young people are referred into our service by a third party, such as your GP, your school, your parent.

If you have been referred to Beam by someone, you may not be anonymous when you sign up to Beam and we may know who you are from day one.

If this is the case, we keep your personal details (usually a name, address, date of birth and phone number) in a separate ‘pen profile’ section.

When you talk to a clinician with Beam, they will remind you that you are not anonymous and that if you tell them anything that worries them with regard to your safety or the safety of others – they may have to act to keep you or others safe.

They will always try to talk to you first before taking any action. Sometimes, if the situation is very serious, they will have to take action without talking to you first.


Data storage

All the data we collect is stored in the US on servers owned by DataFinch https://www.datafinch.com

We trust DataFinch to keep our data safe and encrypted to protect it from cyber-attacks or hacking.

DataFinch are GDPR compliant.



If you have a concern about how Beam is using your data, you can report it here: https://ico.org.uk/concerns/



A cookie is not just the name of a delicious snack. A ‘cookie’ is also a term used to describe a tag that websites can link to each person that visits a site. The information collected through the tags can then help to understand what users are doing on a website, and how the website could be improved.

Beam allow the following services to collect cookies about how users engage with the site:

DataFinch, which is a service that Beam uses to store and analyse data to ensure we are providing you with the best service.

The cookies that Beam allows these services to collect will not compromise your anonymity. To see a list of the specific information that is collected by these sites, please click here.


Frequently Asked Questions


What is consent?

Consent meanspermission for something to happen or agreement to do something.”


What happens when I give a clinician my details?

Your clinician will ALWAYS seek your consent (permission) to collect and keep your personal details on file.

You do not have to give consent OR give them your personal details.

If you do decide to give your clinician your PII – This means that when you come to Beam you are no longer ‘anonymous’ to us. We know who you are and (usually) where you are. As a ‘duty of care’ if you tell us anything worrying, we have to act in your best interests to keep you safe and/or to protect you.

Where possible, we will always work with you to ensure that you are safe and informed and involved in any decisions we make with regard your health and well-being.


What data do we hold at Beam?

Your data held on Beam consists of:

  • Your referral profile information
  • Your session quantitative and qualitative data
  • PII that you have chosen to share with us (this may include details of other agencies that you are working with)
  • Incident reports
  • Safeguarding concerns

How long is my data stored?

All information held by Beam will be stored in an archive for a period of twenty years in line with the NHS – Nice guidelines. This archive will not be generally accessible to the Beam team, but can be accessed if requested for a legal process.  


Can I ask for my account to be deleted?

Children have the same rights as adults over their personal data. These include the rights to access their personal data; request rectification; object to processing and have their personal data erased.

You can ask for any of the above if we have enough information to identify you.

You will need to make this request in writing via email to the Data Protection Officer (DPO) DPO@mindzonegroup.com


Can you trace or find me from my IP address?

We do not keep or store full IP addresses of our users – Google Analytics collects data from every visit but it does not store any personally identifiable information. A visitor’s IP address is used to determine their physical location but the IP address itself is not data that can be accessed through Google Analytics. All data in Google Analytics is aggregated and anonymised.


Your data and you

If you think your data has been misused or that the organisation holding it hasn’t kept it secure, you should contact the organisation and discuss this with them. If you’re unhappy with their response or if you need any advice you can contact the Information Commissioner’s Office (ICO). Telephone: 0303 123 1113 or via the website www.ico.org.uk