Trust starts here

Health notes are special category data. We treat them that way.

An allergy, a skin condition, a note about medication: under Article 9 of the UK and EU GDPR, each of these is “special category data”. It requires its own explicit consent, separate records, and careful handling. Eliis was built around these requirements, not retrofitted to them.

Core commitments

How we protect your clients' information.

Encrypted at rest

Every health record is encrypted in the database, not just in transit. The encryption key is derived per therapist, so your data could not be read even if the database were compromised.

Dual consent

Treatment consent and GDPR data-processing consent are captured as two separate, signed records. Not a checkbox. A legal record with a timestamp and signature.

EU data residency

Hosted in Frankfurt, Germany. Your clients' data stays in the EU. UK therapists are covered under UK GDPR with equivalent protections.

Retention, automated

Records are tracked against your retention obligations. You'll never be the one manually monitoring how long data has been held.

Legal compliance

GDPR & special category data.

Under Article 9 of the GDPR (and the equivalent UK GDPR provisions), health information is classified as “special category” data. This means it requires a higher level of protection and a specific lawful basis for processing — typically explicit consent.

Most booking software was never designed to handle Article 9 data correctly. A single privacy policy checkbox is not sufficient. Eliis captures treatment consent and data-processing consent as two separate, legally distinct records — because that is what the law actually requires.

Treatment Consent

Captured before treatment begins. Includes the client's full name, the date of signing, and a digital signature. Stored as a permanent, immutable record.

Data Processing Consent (GDPR)

A separate consent specifically for storing health data electronically. Clearly explains what is stored, for how long, and why. Clients can request deletion at any time.

Technical security

Encryption, designed around health data.

Encrypted at rest

Health profiles and clinical notes are encrypted using AES-256 before being written to the database. Each therapist's records use a unique derived key.

Encrypted in transit

All connections use TLS 1.3. Data is never transmitted over unencrypted channels.

Server-side only

Encryption and decryption happen server-side, in a controlled environment. Health data is never processed in the browser.

No third-party access

Your clients' health data is not shared with, sold to, or processed by any third-party AI provider or analytics service.

Your data

You own your data. Always.

You can export all client data at any time in a portable format.

Clients can request deletion of their records. Eliis makes this straightforward for you to fulfil.

If you stop using Eliis, your data is returned to you and then deleted — not retained indefinitely.

We do not analyse your client data for product improvement. What your clients share with you stays with you.

Questions about how we handle your data?

We are happy to talk through the specifics. Reach out directly or join Early Access and speak with us.
