← Back to ToshaLife

Assessment Privacy Notice

Last updated: May 2026

Who we are

This assessment is operated by Dr. Swapna Vithalkar, a licensed therapist practising through ToshaLife. For questions about your data, contact us at toshalifecoach@gmail.com.

What data we collect

When you complete this assessment, we collect:

  • Your first name and email address
  • Your responses to the assessment questions
  • The date and time you completed the assessment
  • Your consent record (date and time you accepted this notice)

Why we collect it

Your data is processed for the purpose of clinical screening and assessment, carried out by Dr. Swapna Vithalkar in her capacity as a health professional. The legal basis for processing special category health data is Article 9(2)(h) of the UK/EU GDPR — processing necessary for the provision of health care by a health professional.

This assessment is not a diagnosis. It is a validated screening tool used to identify patterns and inform the clinical conversation between you and Dr. Swapna.

Who has access

Only Dr. Swapna Vithalkar can view your responses, via a password-protected admin login. Your data is not shared with any third party, not used for marketing, and not sold under any circumstances.

Where your data is stored

Your data is stored on EU-based servers (MongoDB Atlas, Google Cloud Platform, Europe region). All data is encrypted in transit (TLS) and at rest. The hosting infrastructure complies with GDPR Chapter V requirements for international data transfers.

How long we keep it

Assessment data is retained for 2 years from the date of completion, after which it is automatically and permanently deleted. You may also request deletion at any time (see Your Rights below).

Your rights

Under GDPR, you have the right to:

  • Access — request a copy of your assessment data
  • Rectification — correct any inaccurate data we hold
  • Erasure — request that your data be permanently deleted
  • Restriction — ask us to limit how we process your data

To exercise any of these rights, email toshalifecoach@gmail.com with the subject line "Data Request". We will respond within 30 days.

Supervisory authority

If you are based in Sweden and have concerns about how your data is handled, you have the right to lodge a complaint with the Swedish Data Protection Authority (IMY): www.imy.se