Privacy Policy

At Clearhead, we know your privacy is important. So we want to make sure you understand how and why we handle your personal information when you use our services.

To make it easier to understand, we’ve summarised our approach in this section and provided more information in the Detail below.

1. We collect a range of personal information to provide our services, including your contact details, date of birth, ethnicity, gender, general location, mental health information and information about your use of our services.
2. We typically get your consent to collect sensitive personal information - like your mental health information - unless it’s an emergency or we have to collect it by law. You can withdraw your consent at any time.
3. We use your information to communicate with you, verify your identity, connect you with suitable Therapists and advisers, provide you with personalised wellbeing support, provide our other services and run our business. You don’t have to give us all the information we ask for, but that might mean you’re not able to access our full range of services.
4. We collect your information directly from you when you interact with us and use our services. We may also collect your information from third parties like your therapist, employer, health insurance provider or re-sellers of our services to check your eligibility for free therapy sessions (where available) and to provide you with personalised support.
5. We protect your information and delete it once we no longer need it.
6. We may sometimes need to share your information with third parties so we can provide our services and run our business. See section 8 for more detail.
7. You have rights to request access to your personal information and for it to be corrected. You can contact us at [email protected] with any concerns.

Key things to note

• We don’t have access to anything you share during therapy sessions – this confidential information always stays with your therapist.
• We use some AI to personalise our wellbeing services but your personal information is never used to train third-party AI models.
• We use aggregated, de-identified information to report to our EAP clients, resellers and insurers about staff, customer and member engagement with our services. We take great care to ensure no one can be identified in those reports.
• We never sell personal information. We only share it with third parties where that’s needed to run our business and provide our services.

This Privacy Statement was last updated in May 2025.

Adviser refers to the providers of career counselling, redundancy, financial advice and legal advice services that can be accessed through our services in certain circumstances.

Clearhead, we, us and our means Clearhead Limited and Clearhead Australia Pty Ltd.

Client means an organisation that has signed up to use Clearhead as its EAP provider. They may also be your employer.

Insurer means a health insurance provider that has partnered with Clearhead to provide its customers with access to Therapists and who may pay for therapy sessions.

Personal information means information or an opinion about a living, identifiable person.

Platform means the Clearhead digital platform located at www.myclearhead.com and supporting mobile application.

Reseller means companies that sell the “Clearhead Lite” package to small businesses, including access to essential mental health tools and funded therapy sessions for staff.

Sensitive information means personal information that includes information or an opinion about matters like an individual’s mental and/or physical health, racial or ethnic origin, political opinions, religious beliefs, trade union membership or sexual orientation or practices.

Services means the full range of services provided by Clearhead, including the Platform, telephone support services, clinical services and access to Adviser services.

Therapist means a professional provider of mental health services that we connect with Users to arrange therapy sessions.

User means any individual who uses our Services, either directly through a free “Basic Account” or via an employer, Insurer or Reseller-supported account that provides access to premium features.

Clearhead offers a range of services to Users, Therapists, Clients, Insurers and Resellers, including:

• Wellbeing services: access to a wide a range of mental well-being support services and content, including self-help resources and an AI wellbeing assistant.
• Therapy booking: Users can be matched with a suitable Therapist and then arrange therapy sessions and co-ordinate invoicing and payment through the Platform or by phone and email.
• Client Portal: Clients can manage staff eligibility for access to the Platform and view de-identified reports about staff usage of our Services.
• Clinical support helpline: Clients can access clinical support in relation to the mental health and wellbeing of employees. We also operate a 24/7 helpline for anyone experiencing a mental health crisis and needing urgent support.
• Specialist workplace clinical offerings: Clients can engage Clearhead to provide various onsite or online clinical services.
• Adviser services: Some Clients engage us to facilitate staff access to career (including redundancy), financial and/or legal advice services.

We collect the following types of personal information when providing our Services. Our purposes for collection and use are set out below in bold.

Contact details like your name, phone number(s) and email and physical addresses so we can provide our Services and communicate with you about them, including to let you know about new or improved products and services.

Demographic information like your date of birth, unique identifiers like your employee ID number, ethnicity, gender and location (country and city plus suburb if you want to be matched with a nearby Therapist). We collect this to verify your identity, provide you with personalised support, match you with suitable Therapists, measure the effectiveness and reach of our services to help us improve the Platform and our services and generate aggregated de-identified reporting about engagement with our services to help us understand, respond to and market wellbeing trends and engagement insights.

Sensitive information, including your ethnicity and mental and other health information that you self-report to us, including when using our clinical support services and the Platform – like mood tracking, interactions with our chatbot and providing reasons for wanting therapy. This information enables us to provide you with personalised support and to match you with appropriate Therapists and Advisers for your needs.

Please see section 5 on Consent in relation to the collection and use of your sensitive information.

Employment information, like your employer, job title, role, employee ID, department, place of work, and incidents so we can determine your eligibility for therapy or Adviser sessions paid for by your employer, Insurer or Reseller – like confirmation you are employed by the relevant Client or have a current insurance policy with the relevant insurer. In critical incident situations, we may also need to collect your work address and information about workplace injuries.

Billing and purchase information so we can facilitate your payments for session bookings with Therapists and Advisers. We use a third-party payment processor to process all payments.

Information about our interactions with you like support enquiries, other communications and any feedback you provide about our Platform and services. This includes recordings of inbound telephone calls we have with you, including while you are placed on hold or are being transferred to another agent. We use these recordings for operational and training purposes, to maintain a record of our interactions with you and to understand any concerns you may have so we can improve your experience.

Therapist and Adviser profile information such as the relevant individual’s name and contact details, biography, specialisations and proof of qualifications, insurance and years of experience. We also collect Therapists’ clinical registration details. This information is used to check Therapists and Advisers are suitable to provide their services via the Platform.

Cookie and Device data: We collect data from the device you use to access the Platform, your IP address, operating system, browser details and time of visit. We also use cookies and other mechanisms to understand what web pages you visit, what you click on and when you performed those actions to help us understand how people use the Platform and to make our content more relevant and useful. You can disable cookies at any time by changing your browser settings, but please be aware that this may make certain Platform functions unavailable.

Other reasons for collection: We may also collect and use your personal information for other purposes where you have authorised us to do so or as permitted or required by law.

Our Services are intended for adult Users only and should not be directly accessed by anyone under the age of 18. If you are under the age of 18, you must get your parent’s or guardian’s consent before sharing your personal information (including your sensitive mental health information) with us.

Parents/guardians may provide their children’s personal information when booking Therapist sessions on behalf of minors within a family unit as part of the “family access” services available to some Clients. Parents/guardians who do so are responsible for telling their children they have shared their personal information with us, getting their consent to do so and communicating the contents of this Privacy Statement to them.

If we are alerted that someone under the age of 18 has submitted their personal information to us without the consent of their parent or guardian, we will endeavour to delete it as soon as possible. If you believe this may have happened, please contact us at [email protected]. If we cannot remove it, we will ensure it’s not used for any purpose or shared with anyone else.

We typically ask for your consent when we collect your sensitive personal information as part of providing our Services. You can withdraw your consent by emailing us at [email protected]. Please note that doing so might prevent us from being able to provide our full range of services to you.

We may not ask for your consent when collecting your sensitive information in emergency situations where it’s not practical and we reasonably believe we need to handle and disclose the information to address a serious threat to your or someone else’s life, health or safety. For example, if we are concerned there is a risk you might harm yourself or others, we may need to escalate this to emergency services, public mental health crisis teams and/or other relevant third parties.

If you provide us with someone else’s personal information - like that of a staff or family member to book therapy sessions on their behalf - then you are responsible for getting their consent for us to collect, use and, where necessary, disclose their information. You are also responsible for communicating the contents of this Privacy Statement to them.

You don’t have to provide us with the personal information we request. But if you don’t, we might not be able to make all our services and all parts of the Platform available to you. For example, if you don’t enter your mental health challenges or areas of interest, we won’t be able to provide you with a personalised experience that is customised to your needs.

You can opt out of receiving email and mobile phone notifications by clicking on the available “unsubscribe” links in those messages.

Personal information we collect directly from you:

• Information you give us, including in the Platform or over the phone. For example, setting up your account, registering for a webinar or completing your Mood Journal.
• Information generated when you interact with us, such as communications by phone or email and through using the Platform, like your device data and the web pages you visit.
• Passive mobile phone behavioural data (e.g.about your physical activity or sleep) that you choose to share so we can give you more personalised support. You will need to opt in to sharing this information with us in your device settings.
• Therapist calendar integrations: Therapists can connect their digital calendar (e.g. Google Calendar, iCal etc.) to the Platform to provide visibility of their real-time availability in the online booking system. This only gives Clearhead visibility of available time slots for therapy sessions and we are not able to see Therapists’ appointments and other personal information.

Personal information we collect from third parties:

• Funded therapy providers: Some Clients, Insurers and Resellers pay for their staff, members or customers to access a certain number of therapy sessions, which are paid for the by relevant Client, Insurer or Reseller. They will provide us with your personal information so we can check your eligibility for funded therapy – like confirmation you are employed by the relevant Client or have a current insurance policy with the relevant insurer.The personal information we collect in these circumstances includes your name, email address and unique identifier like your employee ID number.
• Therapists: When scheduling therapy sessions and co-ordinating invoicing and payment using the Platform or our phone service, Therapists may share your name, contact details and booking times with us. They may also share limited high-level mental health information with us if they recommend you receive additional funded therapy sessions, like why such further therapy is recommended. This information is then de-identified by Clearhead before being passed on to the relevant funder for confirmation they will pay for the additional sessions. The Therapist will get your consent to the sharing of your information with us and the entity funding the session(s).
  
  Please note that all personal information, including sensitive mental health information, that you share with a Therapist in a therapy session is confidentially handled and protected by the Therapist in question. Clearhead has no access to any personal or other information shared by Users with Therapists during therapy sessions.
• Employers: If your employer is one of our Clients, they may share personal and sensitive information with us - like your contact details and high-level mental health information - so we can provide our Services, such as access to clinical and advisory support in relation to or on behalf of staff members. Your employer should obtain your consent to disclosing your personal and/or sensitive information to us unless it is an emergency situation.
• Advisers: If your employer engages us to facilitate access to career (including redundancy), financial and/or legal advice services for their staff or customers and you request access to any of these services, then the relevant Adviser may provide us with your contact details and availability so we can help facilitate bookings and payments on their behalf.
• Google Analytics: We use Google Analytics to get information about your interactions with the Platform and our services. You can opt-out of the Google Analytics service using your information by installing the Google Analytics Opt-out Browser tool.
• Authentication providers: If you choose to use a third-party authentication provider like Google or Facebook to log in to the Platform, they will share a security token with us to authenticate you, after which the token will be deleted. We don’t collect any other personal information about you from them and we don’t share any personal information back to those providers.
  
  Please note that the authentication provider will collect a record of your use of its service to log in to the Platform. Similarly, if you use a workplace authentication provider to log into the Platform – like your employer’s Microsoft 365 or Active Directory account - your employer may be able to see the date and time you logged into the Platform via that provider. Clearhead never directly provides that information to employers.

We share your personal information with the following types of entities to help us provide our services.

Therapists and Advisers: We share your contact details, payment information, availability and reason for wanting therapy or other advice with Therapists and Advisers to facilitate the booking and payment of therapy and other applicable sessions with them.

Funded therapy providers: We may need to share limited high-level mental health information with the entity paying for your therapy sessions (e.g. an employer, Insurer or Reseller) where your Therapist has recommended that you seek additional funded therapy sessions. This will also be the case for your family members seeking further funded therapy through “family access” arrangements. That may include information like the reasons why further therapy is recommended. We de-identify the information we receive from Therapists before it is passed on to the relevant funder, which means the funder will not have visibility of who the request pertains to. We also provide aggregated, de-identified reports about engagement with our services to Clients, Insurers and Resellers. For example, we may provide your employer, Insurer or a Reseller with high-level wellbeing reports featuring anonymised and aggregated information about general usage of the Platform, key statistics and feedback about our services.

Employers: If your employer is one of our Clients, we may also need to share your personal and/or sensitive information with them from time to time, such as where you have consented to your employer organising therapy sessions on your behalf and where we share de-identified user feedback on our Services with them. We may also need to share your personal information with your employer where they have engaged us to provide specialist workplace clinical offerings, like Alcohol and Other Drugs (AOD) or fitness to work assessments. We always get your consent before the service is delivered and any personal information in assessment results is shared. We may also need to share your personal and/or sensitive information with your employer in critical incident situations occurring at your workplace where there are concerns for your or another person’s safety.

Service providers: We may share your personal information with a range of service providers so we can make the Platform available and provide our services to you. For example, service providers that host or maintain our underlying IT, infrastructure and hosting services, data centres and communications systems, as well as the agents and business partners that enable us to perform our business activities in relation to the Platform and our services. Those service providers are usually processing your personal information on our behalf and in circumstances where we remain responsible for it.

Overseas disclosure: We may disclose your personal information to service providers in Australia, New Zealand, the US and the EU.

Other disclosures: We may also share your personal information with other third parties where we have your consent/authorisation, the disclosure directly relates to the purpose for which we collected the information, we reasonably believe there is a serious threat to someone’s life, health or safety (including your own), in relation to the proposed purchase, sale or merger of our business or assets and where we are required or permitted by law to do so.

Secure protection of your personal information is extremely important to us. We take all reasonable steps to ensure the personal and sensitive health information we handle is stored in a secure environment and protected from unauthorised access, interference, modification, disclosure or other misuse or loss.

• We store all data in encrypted files using 256-bit Advanced Encryption Standard (AES-256) at rest.
• Transport Layer Security (HTTPS) is used for all communications over the internet.
• We only allow essential staff to access personal information and all Clearhead staff complete privacy and information security training.
• We conduct regular security audits to comply with the HISO 10029:2015 and ISO-27001 standards. We are working toward achieving industry best practice standards, including SOC 2.

You have the right to ask for a copy of any personal information we hold about you and to ask for it to be corrected if you think it’s wrong. To make a privacy request, update your information or tell us about any concerns, please contact us at:

• Email: [email protected]
• Phone:
  NZ: 0800 CLR HED
  Australia: 1800 CLR HED

We’ll need to verify your identity before releasing or correcting your personal information so we can make sure it relates to the right person. We may need to charge our reasonable costs for providing copies or correcting the requested information.

If you want to access or correct your health information that you shared with your Therapist (or that they have created about you), you will need to contact your Therapist directly.

If you have any queries about how we handle your personal information, or if you think we have a refused a request for information without a good reason, then please contact us using the contact details above and we’ll do our best to resolve your concerns.

If you have a privacy-related complaint, please email [email protected] in the first instance. If we can’t resolve your privacy concerns to your satisfaction and you live in New Zealand, you can refer the matter to the Office of the Privacy Commissioner. If you live in Australia, you can refer the matter to the Office of the Australian Information Commissioner.