Privacy Policy

How to Birth a Mother (“we,” “us,” or “the practice”) is operated by Therese Röjsäter. This policy explains what personal data we collect, why we collect it, how we use it, and the rights you have under the EU General Data Protection Regulation (GDPR).

1. Data we collect

Information you give us directly. When you book a discovery call, fill in a contact form, or subscribe to the newsletter, we collect: your name, email address, phone number (if you provide it), the content of any message you send, and any information you choose to share about your pregnancy, prior births, or care preferences.

Information collected automatically. Our hosting provider logs standard request data: IP address, browser type, pages visited, and timestamps. This is used for security and basic site analytics. If you consent on the cookie banner, analytics and advertising tools also load, as described in section 6.

Booking platform. Discovery calls are scheduled through our own booking calendar, operated for us on the Archway platform. When you book, it processes your name, email, time zone, and selected appointment details, creates the calendar invitation and video-call link through Google Calendar and Google Meet, and sends the confirmation and reminder emails from our own email address. Google's privacy policy applies to the calendar invitation in parallel to ours.

2. How we use it

We use your data to schedule and conduct discovery calls, deliver doula services if you engage them, send the newsletter you subscribed to, respond to your questions, and meet our legal and accounting obligations. We do not sell your data, and we do not share it with third parties for their own marketing.

3. Legal basis

We process your data on the basis of: (a) your consent, when you subscribe to a newsletter or initiate contact; (b) the performance of a contract, when you engage doula services; (c) our legitimate interests in running and securing the website; and (d) our legal obligations under applicable law.

4. How long we keep it

Newsletter subscribers: until you unsubscribe. Client records: for the duration of the engagement plus seven years (to meet applicable accounting and tax-record obligations). Form submissions that do not lead to engagement: up to twelve months. Server logs: up to thirty days.

5. Your rights

You have the right to access, correct, or delete your data; to restrict or object to its processing; to data portability; and to withdraw consent at any time. To exercise any of these rights, email therese@howtobirthamother.com. If you are not satisfied with our response, you have the right to lodge a complaint with the data protection authority in your country of residence.

6. Cookies

This site uses strictly necessary cookies (e.g., language preference, embedded booking iframe) that are always active. In addition, we use analytics tools to understand how visitors read the site - currently PostHog (hosted in the European Union), which records anonymised usage patterns such as scrolling, clicks, and pages visited; anything you type into a form is masked and never appears in recordings. Google Analytics (provided by Google) collects usage data such as pages visited, where visitors come from, and rough location, so we can see which pages get read. These analytics tools only load if you choose “That's fine” on the cookie banner. If you choose “Only necessary,” they never load. You can change your choice at any time via the “Cookie settings” link in the footer. The Meta Pixel measures conversions, such as a booked call, and can be used by Meta to build audiences for advertising under Meta's own policies; like the analytics tools, it only loads after you consent. We also use Vercel Analytics, a cookieless visitor counter that stores nothing on your device and cannot identify you. The embedded booking calendar is protected against bots by Cloudflare Turnstile, which runs invisibly and only when you book. It is a security measure, not tracking, so it sits in the strictly necessary category. Cloudflare processes limited data (such as your IP address and browser characteristics) to tell humans from bots, as described in the Cloudflare Turnstile Privacy Addendum.

7. Security

We take reasonable technical and organisational steps to protect your data, including encrypted transport (HTTPS), access controls on stored data, and secure hosting. No system is fully invulnerable; if a breach affects you, we will notify you within seventy-two hours as required by GDPR.

8. Children

This service is intended for adults. We do not knowingly collect personal data from anyone under sixteen.

9. Changes

We may update this policy. The “last updated” date at the top reflects the most recent change. Material changes will be communicated by email if you are a subscriber or client.

10. Contact

For any privacy-related question, write to therese@howtobirthamother.com.