Information & Security Policy
Our Information & Security Policy has been updated on 01th March, 2025.
At OPPAM, we prioritize your privacy and security. We are committed to safeguarding your personal and mental health information with the highest level of confidentiality, integrity, and compliance with international security standards.
This Privacy & Security Policy explains how OPPAM collects, stores, protects, and uses your information when you use our services. By accessing our platform, you consent to the practices described in this policy.
Confidentiality of Client Information
- All personal and mental health information shared on OPPAM is strictly confidential and only accessible to your assigned therapist.
- No information is shared with third parties, employers, or family members without explicit consent, except where legally required.
- Our therapists and employees sign strict confidentiality agreements to ensure data protection.
Data Collection & Usage
We collect only the necessary information to provide you with the best mental health support.
This may include:
This may include:
- Name (optional)
- Contact details (email/phone for appointment communication)
- Mental health concerns (shared voluntarily during sessions)
- Session records (accessible only by your therapist)
Your data is never sold, rented, or used for marketing purposes.
Secure Storage & Data Protection Measures
To ensure the highest level of security, OPPAM follows industry best practices, including:
- End-to-End Encryption (E2EE): All communications and data are encrypted.
- Role-Based Access Control (RBAC): Only authorized therapists can access client records.
- Secure Servers: Client data is stored on encrypted, ISO 27001-compliant servers.
- Automatic Session Timeouts: Prevent unauthorized access.
- Regular Security Audits: We conduct internal and external security checks to ensure compliance.
Data Sharing & Third-Party Services
- We do not share client data with third parties, except for:
- Legal obligations (e.g., if required by law for harm prevention).
- Emergency situations where intervention is necessary to protect life.
- Any third-party service providers (e.g., cloud storage, video conferencing) are GDPR, HIPAA, and ISO 27001 compliant.
Your Rights & Control Over Your Data
You have full control over your data. You can:
- Request access to your stored information.
- Ask for corrections in your records.
- Request data deletion after discontinuing services.
For any such requests, contact us at help@oppam.me
Incident Response & Data Breach Policy
In the unlikely event of a data breach:
- We will immediately investigate and contain the breach.
- Affected clients will be notified within 72 hours if their data is compromised.
- Preventive measures will be taken to avoid future occurrences.
Secure Communication Policy
To maintain confidentiality, OPPAM ensures:
- All therapy sessions are conducted through secure, encrypted platforms.
- No session details are stored outside our secure system.
- Therapists do not communicate sensitive client information via personal emails or
messaging apps.
Updates to This Policy
We may update this policy periodically to reflect improvements in security measures or changes in legal requirements. Any updates will be posted on this page with the effective date mentioned.
Contact Us
If you have any questions about our Privacy & Security Policy, please reach out to us at: help@oppam.me
Your mental well-being is our priority, and so is your privacy. OPPAM is committed to
maintaining a safe, confidential, and secure mental health support system for all.
