Skip to main content

Privacy Policy

Last updated 12 October 2023.


Account’ means a Members’ personal account on the Site.

Bricks’ means a way for Members to express creatively through drawing or by uploading their own images and adding text on Our platform.

Courses’ means a place where a Member can enrol and take part in interactive group courses on a variety of topics to help them feel more in control of their emotional health.

House rules’ means the House Rules applicable to Members accessing the Site.

Journal’ means a place a Member can use to note down what they have been up to and what they have been going through.

Member’ means an individual that has registered as such on the Site and has had a Member Account set up on the Site and ‘Membership’ shall be interpreted accordingly.

Member Terms’ means the Terms of Use which incorporate Our House Rules and Privacy Policy detailed on the Site from time to time.

Site’ means our website located at

Support Network’ means the areas of the Site where Members can post and interact with other users, including professionals.

Talkabouts’ means the areas of the Site where Members can share their thoughts with fellow Members to share and discuss what’s on their mind, gain support and advice.

’Wall Guides’ means professionals assigned by Togetherall to provide guidance to Members. 

We’, ‘Us’ and ‘Our’ means Togetherall Limited, a company registered in England and Wales under company number 06227377, with a registered office at 36-38 Whitefriars Street, London, EC4Y 8BQ.

’You’, ‘Your’, ’Yourself’, ’You’ve’ means the: (i) Members and other individual end users that access Our Site, requests or receive any of Our services and/or interact with Us by any means (email, phone, etc.); and (ii) the staff of Our customers (“Customers”) that interact with Us for the purpose of managing the services We provide to the Customer (“Customer’s Users”).


Purpose of this Privacy Policy

Here at Togetherall, We take Your privacy rights very seriously and We seek to ensure the highest standards of compliance. We are committed to complying with all applicable data protection laws, including the Privacy Act 1988 (Cth) (“Privacy Act”).

Our Privacy Policy explains how We collect, use, disclose and retain Your Personal Information (defined below).  It also explains how You can protect Your privacy when You use the Site.

Our services are available to individuals who are 16+ years old and are not intended for children. We do not knowingly collect data relating to children. You can report any knowledge of a child accessing Togetherall by using the ‘Report’ or ‘Ask a Wall Guide’ buttons.

It is important that You read this Privacy Policy together with any other privacy notice We may provide (e.g. when We are collecting Personal Information about You), so that You are fully aware of how and why We are using Your Personal Information. This Privacy Policy supplements other notices and is not intended to override them. Please also read our Privacy Policy in conjunction with Our Member Terms available on Our Site.


Changes to Our Privacy Policy

This version of Our Privacy Policy supersedes any earlier version. Please note that We may review and update Our Privacy Policy and from time to time.

We will always post any changes to Our Privacy Policy on this section of Our Site. If We change the way that We use Your Personal Information, We will inform You via email, a notification on the Site or similar means.

If You have any queries or complaints in relation to this Privacy Policy or how we handle Personal Information, please contact Us using the “how to contact Us” section below.


What is Personal Information?

In this Privacy Policy, “Personal Information” has the meaning given to it in the Privacy Act.  Essentially, personal information is information or an opinion about an individual who is reasonably identifiable. It does not include data where the identity has been removed (anonymous data).

We may also collect “Sensitive Information” when you use our services.  Sensitive Information is a special type of Personal Information and includes details about race or ethnicity, religious or philosophical beliefs, sexual orientation or practices, political opinions, trade union membership, information about Your health, and genetic and biometric data.


What information do we collect?

The types of personal information we collect from you depends on the circumstances in which the information is collected. We have grouped the different types of information together as follows:

  1. Registration Data: 

Registration data includes information about your:

    • date of birth
    • email address
    • postcode
    • telephone number
    • ethnicity (optional)
    • health and wellbeing information (optional)
    • gender (optional)
    • employment / work status (optional)
    • lifestyle / family / marital status (optional)
    • information about other sources of support (optional)
    • information about where you heard about Togetherall


  1. Customer’s Users Data: 

This type of information is collected and generated when a Customer’s User opens a user account, manages the services.  It includes an individual’s:

    • date of birth
    • email address
    • username


  1. Technical and Location Data: 

We collect and store Members time zone and country upon registration, then all relevant IP addresses to Members and other end users accessing the Site along with their login data, browser type and version, operating system and platform, and other technology on the devices they use to access Our Site.


  1. Personal Information within Member Content:

We may collect and store information posted whilst using Our Site for example within Bricks, Talkabouts, Journals or Courses (refer to Our definitions section at the start of this document) sessions, subject to Your privacy settings or when You interact with Us including by phone and email.


  1. Membership Data: 

We also collect Personal Information You provide to us, when You request access to Our services through Your insurance provider, Your university, college or employer or the organisation who referred You to Our service, to ensure eligibility.


If You fail to provide Personal Information

Generally, you have no obligation to provide to us any Personal Information. However, if you choose not to provide the necessary Personal Information, we may not be able to do provide you with the services requested.


How We collect Personal Information (including Sensitive Information)?

We collect Personal Information in a number of ways. The most common ways we collect your Personal Information are:

  • directly from You when You provide it to Us or Our agents or contractors;
  • via Our Site (including during the registration process) or when you deal with us online (including through our social media pages, recruitment portal and discussion forums);
  • from publicly available sources;
  • from our related companies; and
  • from third parties (for example, from Our commissioning body or referees if you apply for a position as an employee or contractor with us).


Purposes for which We will use Your Personal Information

The purposes for which We use and disclose Personal Information will depend on the circumstances in which We collect it.  Whenever practical we endeavour to inform You of why We are collecting your Personal Information, how We intend to use that information and to whom we intend to disclose it.

Some of the common reasons for Us using or disclosing Personal Information include:

  • to register You as a new Member or Customer’s User and maintain Your registration;
  • to administer the Site and Your Membership;
  • to manage Our ongoing relationship with you (including to notify you about changes to Our Member Terms or this Privacy Policy, to communicate with You about the Site and Your Membership, and to let you know about new content and activity on the Site that might be relevant to You);
  • to provide You with the care and treatment You need or request (as applicable) and to keep You or another person safe;
  • to contact you (including to ask you whether You’d be interested in participating in any research projects or to partake / complete surveys)
  • to improve Our services;
  • to administer and protect Our business and Our Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data); and
  • to use data analytics to improve Our Site, products/services, marketing, customer relationships and experiences.


Anonymised Data

We may use Your Personal Information to create data sets and reports that contain anonymised data that cannot be used to identify You. Anonymised data could be derived from Your Personal Information but is not considered Personal Information (as You cannot be identified from this data). We use such reports and data, and may disclose them to external parties, such as funding sources, for: statistical, analytical and reporting purposes; research; and for evaluating and enhancing the Site or improving the service. For example, We may aggregate part of Your Site usage data to calculate the percentage of users accessing a specific Site feature. We may produce reports that identify how many Members live in different geographical areas by using Your postal code along with that of other Members.


Risk or crisis situations (Risk Management) – Support Network

In the rare situation where We feel that You or someone else is at risk We may use Your Personal Information to escalate risk to the appropriate external support mechanisms. In this case, we may need to provide third-parties with Your Personal Information to provide You with the appropriate support. Of course, this decision will always be made with a considered approach by Our team of qualified Senior Clinicians.

The external support mechanism will need Your Personal Information to provide You with the appropriate support. External support mechanisms may include; the appropriate representative from Your commissioning body (such as Your university, college or employer), the organisation who referred You to Our service(s), Your GP and/or the emergency services.


How We may disclose Your Personal Information

We take all reasonable steps to require all third parties We share Personal Information with to respect the security of Your Personal Information and to treat it in accordance with the law.

Often We may need to share Your Personal Information with other service providers in order to facilitate the running of the Site. For example, third parties associated with hosting server co-locations. When this happens, We implement strict contractual agreements with such third parties. We do not allow Our third-party service providers to use Your Personal Information for their own purposes and only permit them to process Your Personal Information for specified purposes and in accordance with Our instructions.

Details of third parties that We share Your Personal Information with are set out in Our linked Page of Third Party sub-contractors.

We may disclose Your Personal Information to Our employees, and agents to administer Your membership and the services provided by Us now or in the future.

We may also disclose Your Personal Information to third parties:

  • when this is necessary for the purpose of the services We provide to You (e.g. We may share information with the person that referred You to Us, for example with Your insurance provider to confirm Your eligibility where You request access to Our services through said provider, such as a unique identifier to activate any account benefits);
  • if We are required to do so by law or to comply with any legal obligation;
  • in order to enforce or apply Our Member Terms and other agreements; or
  • to protect the rights, property, or safety of Us, Our customers, or others.

This may include exchanging information with other companies and organisations such as the police, regulatory bodies or legal advisers for the purposes of security, risk reduction and fraud protection. For example, We may disclose Your Personal Information to the police in connection with any alleged criminal offence.

We may disclose Your Personal Information to third parties to whom We may choose to sell, transfer or merge parts of Our business or Our assets, but this will always be on a “need to know basis”. We may also seek to acquire other businesses or merge with them. If a change happens to Our business, then the new owners may use Your Personal Information in the same way as set out in this Privacy Policy.


Overseas disclosures

Some of the third parties to whom we disclose your personal information may be located overseas. For example, we may disclose your personal information to external national or overseas facilities associated with hosting server co-locations and members of Our group located overseas. The countries in which these third parties are located will depend on the circumstances. However, in the course of our ordinary business operations we may disclose personal information to employees, third parties or contractors located in the United Kingdom, the European Economic Area, Canada, New Zealand and United States.



Business Customers

This section does not apply to Members and only applies to the representatives of our business customers.

We may also use Your Personal Information to send You and keep You updated with information by e-mail or message through the Site about existing and new services from Us and to send You information by e-mail or message through the Site about related products or services of selected third parties that may be of interest to You.

If at any time you wish to no longer receive our marketing emails, or no longer consent to our use of the tracking pixel, an unsubscribe link is found at the bottom of every email where you can opt out.

You have the right at any time to stop Togetherall from contacting you. If you no longer wish to be contacted for marketing purposes, please email



This section applies to Members of the Togetherall platform.

To opt-out of receiving these messages as a Member or as an Account holder, You can also use the facility contained in any such communication or change Your ‘Account settings’ through Your Togetherall profile on the Site. You may also contact Us to opt out using the information under the ‘Contacting Us’ section above: please state Your member name, and from whom You do not wish to receive further communications.

Also see the ‘Your Rights’ section below, for information about how to withdraw Your consent to receive these messages.


Protecting Your privacy and identity

Our main aim in providing The Wall is to provide a safe place for Members to share their thoughts, feelings and discussions with others in a confidential environment, where Your anonymity is respected.

We take reasonable steps to protect Your Personal Information from unauthorised access, use or disclosure, or modification or destruction. For example, We train Our personnel to protect Your privacy and require them to comply with Our policies and procedures that protect Your Personal Information. In addition, We limit access to Your Personal Information to Our employees, agents, contractors and other third parties who have a need to access that information. They will only use or disclose Your Personal Information on Our instructions and each of them are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data breach. We use computing systems in secure facilities to store Your Personal Information in an encrypted form. Data between our servers and a client browser is transferred via HTTPS/TLS. This means that Your Personal Information is encrypted between the device and Our external host storage.

We only collect Personal Information We actually need for Our specified purposes. We ensure that Personal Information is up-to-date, accurate and complete and limited to what is necessary in relation to the purposes for which it was collected.


Retention and destruction of Personal Information

We only keep Your Personal Information for so long as it is necessary to fulfil the purpose for which it was collected and to comply with guidelines for the retention of health records and also for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

To determine the appropriate retention period for Personal Information, We consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of Your Personal Information, the purposes for which We process Your Personal Information and whether We can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Please note, we may retain some information in anonymised form.


Accessing Your Personal Information

When Your Member Account is still active (i.e. You have logged-in within the previous 8 years), You may login to Your Member Account on the Site at any time to view Your Personal Information. If Your Member Account has expired, You may reactivate it by contacting Us using the contact form or through the details below (see “How to Contact Us”). We will generally be able to reactivate Your account for a period of two weeks in order for You to access and copy Your Personal Information and Member Content. You may update Your email address at any time by logging in and accessing ‘Account Settings’.

Tip: You may click on Your My Profile picture and see all the Member Content You have posted in one place. You may also see all Your Bricks, Talkabouts and Course content by visiting those sections of the Site.



If you opt-in to receiving our emails, you are also consenting to our use of a tracking pixel.

A tracking pixel operates in a similar way as cookies are used in web browsers. A tracking pixel is usually part of electronic mail marketing. We use the tracking pixel to gather data on how our email activity is received such as, but not limited to, device, IP address, open time, link activity and website activity if a user clicks through to our website from our marketing emails. We use this information to create a better site experience for you and our customers, help personalise emails and tailor the site experience for all who opt in to hear from us.

Our Sites use certain cookies, pixels, beacons, log files and other technologies. Please see our Cookies Policy to learn about the cookies we use and how to manage your preferences.


Privacy policies of other websites

Our Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about You. Please note Our Privacy Notice only applies to Our Site, if You click on a link to an external website You should read their privacy statements. We do not accept any responsibility or liability from the actions or omissions of any third-party websites which You may access.

Such third-party websites are not investigated, monitored or checked for accuracy, appropriateness, or completeness by Us, and We are not responsible for any websites You may access via a recommendation or suggestion on the Site. Inclusion of, linking to or permitting the use or installation of any third-party website or any third-party applications, software or content does not imply approval or endorsement by Us. If You decide to leave the Site and access a third-party website or to use or install any third-party applications, software or content, You do so at Your own risk.

We are not responsible for the policies, content or security of these linked websites, including how they protect Your privacy and collect, use and disclose Personal Information.

We do not have any control over the use to which third parties may put Your data where You choose to purchase products or services or otherwise to contact them via the Site and We take no responsibility or liability for such use by third parties. Please check any policies on such websites before You submit any Personal Information to them.


Your data protection rights

If You wish to make a data subject request for a right which you have under applicable privacy laws, please contact Us by any of the means specified in the How to Contact Us section above.


Your right of access

You have the right to request access to Your Personal Information which We hold. We will provide access to your Personal Information in accordance with applicable privacy laws, subject to certain exemptions which may apply. You can also view the latest Personal Information We hold on Your Member Account by logging into Our platform and viewing the “Account Settings” section.


Your right to rectification

This enables You to have any incomplete or inaccurate Personal Information We hold about You corrected, though We may need to verify the accuracy of the new Personal Information You provide to Us. If You would like to do this, please contact Us and let Us know the information that is incorrect and the information You want it replaced.



Generally, You will not have to pay a fee to access or correct Your Personal Information. However, We may charge a reasonable fee if Your request is clearly unfounded, repetitive or excessive. Alternatively, We could refuse to comply with Your request in these circumstances. We will notify You if this is the case at the time.


Time Limit to Respond

We try to respond to all legitimate requests within one month. Occasionally it could take Us longer than a month if Your request is particularly complex or You have made several requests. In this case, We will notify You and keep You updated.


How to contact Us

You can contact us in the following ways:

  • Email: By emailing Our Data Protection Officer at:
  • Phone: By calling Us on +44(0)203 405 6196
  • Mail: by writing to Us at:

27 Old Gloucester Street






If you have any comments or concerns regarding the way in which We have used Your Personal Information, or if You believe that We have not adhered to this Policy or the applicable privacy laws, please contact us (using the contact details set out in the How to Contact Us section).

The way we will handle complaints is set out in our Complaints Policy.

We ask that you contact us first about any complaint.  If You have are not satisfied with how we have sought to resolve your complaint, You can also contact the Office of the Australian Information Commissioner:

  • Phone: 1300 363 992;
  • Mail: Director of Compliance, Office of the Australian Information Commissioner, GPO Box 5218, Sydney, NSW 2001; or
  • The OAIC’s website: