Your clients trust you with their most private thoughts. Your storage should be worthy of that trust.
Bigby gives private health practitioners encrypted, UK-based cloud storage built around the confidentiality your clients expect and your professional obligations require.
Confidentiality doesn’t stop at the consulting room door
When a client shares something with you, they’re trusting you completely. That trust extends to every note you take, every document you store, every file that holds a trace of their name or their story.
For most practitioners, file storage is an afterthought. A free service that seemed good enough. But the major cloud platforms weren’t designed with therapeutic confidentiality in mind. Their terms are written for general consumers, and the data handling that goes along with them reflects that.
The risks worth understanding
Using a general-purpose cloud service for clinical or therapeutic records isn’t just a privacy question. It touches on your professional obligations, your clients’ rights, and your own exposure if something goes wrong.
GDPR and data controller obligations
As a private practitioner, you are a data controller under UK GDPR. That means you’re responsible for how client data is stored, processed, and protected, including the services you choose to store it with. A breach that originates with a third-party provider is still your breach to account for.
Professional body standards
Bodies such as the BACP, BPS, and UKCP set clear expectations around the confidentiality and security of client records. Storing sensitive case notes or correspondence on a platform that scans files or holds data on overseas servers may not sit comfortably alongside those standards. In the event of a complaint, it’s a question you’d rather not have to answer.
Data stored outside the UK
The major US cloud providers store data on US infrastructure, subject to US law. Legislation such as the CLOUD Act means that data can, in certain circumstances, be accessed by US authorities. For records as sensitive as therapy notes or psychological assessments, that’s a risk worth weighing carefully.
Terms that weren’t written for you
Consumer cloud services are designed for personal photos and documents, and their terms of service reflect that. Broad data usage rights, AI training provisions, and content scanning policies are common. They may be acceptable for general use, but they sit uneasily alongside a duty of care to vulnerable clients.
How Bigby works
Encryption at rest, UK infrastructure, and no business model built on your data
Unlike the major cloud platforms, Bigby does not scan, analyse, or profit from the files you store. Here is how that works.
01. Encrypted at rest
Your files are encrypted on our UK servers. The data stored on our infrastructure is in encrypted form, which provides meaningful protection in the event of a storage breach and ensures your files are not sitting as readable plain text on any server.
02. No access to file contents
Bigby does not open, scan, or read the contents of what you store. We have no business reason to and our data processing terms prohibit it. Client notes, session records, and correspondence are stored without anyone at Bigby reading them.
03. No AI training or secondary use
Your stored content is not used for AI training, advertising targeting, or any analysis of any kind. The subscription fee covers the cost of running the service. That is the entire arrangement.
04. Your clients’ data stays in the UK
All data is stored on UK-based infrastructure. UK GDPR applies. There is no transfer to US servers, no exposure to US data law, and no ambiguity about where your clients’ information sits.
Frequently asked questions
Does using Bigby help with my GDPR obligations?
Bigby is designed to reduce your exposure as a data controller. UK data residency, encryption at rest, and a clear, plain-language data processing approach mean you are on considerably stronger ground than with a general consumer service. That said, GDPR compliance is broader than storage alone, and we would always encourage reviewing your full data handling practices, ideally with a professional adviser.
Can I store session notes and client records securely?
Yes, and that is precisely the kind of use Bigby is built for. Documents, notes, correspondence, and assessments can all be stored and accessed securely. Bigby does not access the contents of stored files. If you work with colleagues or within supervision, the Office plan allows document collaboration within your encrypted workspace.
What happens if Bigby receives a request for my data?
Bigby is a UK company subject to UK law. We may be required to comply with lawful UK court orders or other legal demands. We do not hold data under US jurisdiction and are not subject to the CLOUD Act. We will challenge any demands we consider unlawful and will notify users where the law permits. Bigby provides meaningful improvement over consumer cloud storage for day-to-day record storage, but for specific advice on how legal obligations interact with your professional duties, we recommend consulting a qualified adviser.
I work as part of a small practice. Is there a plan for teams?
Yes. The Group plan is designed for small teams of three or more, with shared encrypted storage and document collaboration built in. Each user accesses only what they need, and all files remain encrypted throughout. It’s priced per user from £4.99/month on annual billing.
Is Bigby suitable for a sole practitioner working from home?
Absolutely. The Storage and Office plans are designed for individual users with no minimum commitment beyond a single account. Many sole practitioners find the 100 GB Storage plan more than sufficient for client records and correspondence, and storage can be topped up if needed.
How does Bigby make money if it doesn’t sell data?
We charge a fair price for the service. No advertising, no data brokering, no hidden monetisation. The price you pay covers what it costs to run Bigby, with a margin on top. We think that’s how it should work, and for practitioners who need to trust their storage provider, we think it matters that the business model is this simple.
Your clients deserve storage that takes confidentiality as seriously as you do
Private, encrypted, UK-based cloud storage from £3.99/month. Built for practitioners who can’t afford to be cavalier with client data.
Annual billing · All prices in GBP · UK data residency · GDPR compliant