Trust & Security

Last updated: June 2026. Rushes LTD (t/a Rush Mind Coaching) aligns technical controls with UK GDPR and SOC 2-style trust principles (security, confidentiality, privacy).

Encryption in transit

All public pages and apps are served over HTTPS (TLS). Session cookies use Secure, HttpOnly, and SameSite attributes. Email is sent via TLS where supported.

Encryption at rest

Access control

Coaching clients sign in once at the client portal. RushMind Hub and Reconnect open via short-lived signed links (60 seconds, single use) without sharing passwords across apps. Reconnect couple spaces use random, unguessable URLs and dedicated databases.

Consent & special-category data

Discovery calls and onboarding collect explicit consent before wellbeing or health-related information is processed. See our Privacy Policy and Privacy & Engagement pages.

Your rights

You may request access, correction, or erasure of your data via the Get Started form. Coaching clients can export data from the portal profile area.

Report a concern

Security or privacy concerns: contact us via Get Started (mark “Security” in your message). We aim to respond within 5 working days. If a breach poses risk to individuals, we follow UK GDPR notification timelines (including ICO where required).

← Back to rushmind.co.uk