GDPR a psychoterapie: Co musíte vědět o ochraně dat při terapii

When you sit down for therapy, you’re not just sharing your thoughts—you’re trusting someone with deeply personal information. That’s why GDPR, the EU’s strict data protection law that gives you control over your personal information. Also known as Obecné nařízení o ochraně osobních údajů, it ensures your therapist can’t share your notes, recordings, or even your name without your clear permission. This isn’t just bureaucracy—it’s your right to privacy in a space where vulnerability matters.

Therapists aren’t just counselors—they’re data handlers. Every session note, email exchange, or online call falls under GDPR. That means your therapist must store records securely, delete them when you ask, and never use them for marketing. If you’re seeing someone online, they must use encrypted platforms. No WhatsApp. No unsecured Google Docs. If they’re using cloud storage, it must be certified. In the Czech Republic, therapists who ignore these rules risk fines up to 20 million euros—or 4% of their annual revenue. You don’t need to be a tech expert to know this: if your therapist doesn’t mention GDPR in their first session, ask.

What about your records after therapy ends? Under GDPR, you have the right to see every note they’ve written about you, request corrections, or even ask for everything to be deleted—unless the law requires them to keep it for a specific time (usually 10 years for medical records). But even then, they can’t share it with anyone—not your employer, not your family, not even your doctor—without your written consent. This isn’t just about rules. It’s about control. You decide who knows what, and when.

Some therapists still use paper files. That’s fine—as long as they’re locked away, not left on desks, and shredded when no longer needed. Others use digital systems with two-factor authentication. Either way, your data must be protected with the same care as your bank details. If you’ve ever felt uneasy about how your information is handled, you’re not overreacting. That discomfort? It’s your intuition telling you something matters.

And here’s the truth: GDPR doesn’t make therapy harder—it makes it safer. When you know your data is locked down, you can focus on healing, not worrying. You can speak freely, knowing your secrets won’t leak. You can choose online sessions without fear. You can walk out of therapy and feel confident your past won’t follow you in a database.

Below, you’ll find articles that dig into how this works in real life—from how online therapy complies with GDPR, to what happens when trauma records are stored, and why your therapist’s privacy policy isn’t just fine print. These aren’t legal manuals. They’re practical guides for people who want to feel safe while getting help.