Privacy Policy

Last Updated: January 2025

1. Introduction

Eunoia Human Asset Management ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services or website, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

Eunoia Human Asset Management
Office 501, Worldwide Building
Opp. Peninsula Newspaper, D-Ring Rd
Doha, Qatar
Email: care@eunoiawellness.qa
Phone: +974 5994 6941

3. Information We Collect

3.1 Personal Data

We may collect and process the following categories of personal data:

  • Identity Data: Name, job title, organization name
  • Contact Data: Email address, telephone number, postal address
  • Health Data: Information related to mental health and wellbeing (collected with explicit consent for service provision)
  • Technical Data: IP address, browser type, device information, website usage data
  • Usage Data: Information about how you use our website and services
  • Marketing Data: Your preferences for receiving marketing communications

3.2 Special Category Data

As a mental health and wellbeing service provider, we may process special category personal data (health information) with your explicit consent or where necessary for the provision of healthcare services, in accordance with Article 9 of UK GDPR.

4. How We Use Your Information

We use your personal data for the following purposes:

  • To provide and deliver our services (EAP, MHFR, training, diagnostics)
  • To communicate with you about our services
  • To process and respond to your inquiries
  • To comply with legal obligations
  • To improve our services and website
  • To send marketing communications (with your consent)
  • To ensure the security and confidentiality of our services

5. Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Consent: Where you have given clear consent for specific purposes
  • Contract: To perform a contract with you or take steps at your request
  • Legal Obligation: To comply with legal requirements
  • Vital Interests: To protect your or another person's vital interests
  • Legitimate Interests: For our legitimate business interests (balanced against your rights)

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service Providers: Trusted third parties who assist in delivering our services (under strict confidentiality agreements)
  • Healthcare Professionals: Licensed counselors and mental health professionals (with your consent)
  • Legal Authorities: When required by law or to protect rights and safety
  • Business Transfers: In connection with any merger, acquisition, or sale of assets

All third parties are contractually obligated to maintain confidentiality and security of your data.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of sensitive data in transit and at rest
  • Access controls and authentication procedures
  • Regular security assessments and updates
  • Staff training on data protection
  • Secure data storage systems

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Health records are typically retained for 7 years from the last service date, in accordance with professional standards.

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data (subject to legal requirements)
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Request transfer of your data to another service
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time (where applicable)

To exercise these rights, please contact us at care@eunoiawellness.qa.

10. Cookies and Tracking

Our website uses cookies to enhance user experience. You can control cookie preferences through your browser settings. For more information, please see our Cookie Policy.

11. International Data Transfers

If we transfer your data outside the UK/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, in compliance with UK GDPR requirements.

12. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from children without parental consent.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

14. Suggestions and Feedback

We welcome your suggestions and feedback. Please write to us at care@eunoiawellness.qa

15. Contact Us

For questions about this Privacy Policy or to exercise your rights, please contact:

Data Protection Officer
Eunoia Human Asset Management
Email: care@eunoiawellness.qa
Phone: +974 5994 6941

Eunoia Logo
About
Overview History Team Certifications Case Studies
Solutions
Mental Health First Response Employee Assistance Program Corporate Diagnostics Training & Development Wellbeing Guidelines Psychometric Testing
Resources
Articles Case Studies Whitepapers Tools
Access EAP Portal