Privacy Policy
This page sets out my privacy policy as required under GDPR legislation. It describes how I look after and use any information you may give me and describes your rights around privacy.
As a sole trader, I am the Data Controller and registered accordingly with the Information Commissioner's Office (ICO). I am only allowed to collect, store and process personal information for lawful and proper reasons, which comprise the following circumstances:
- Fulfilling my counselling and psychotherapy contract with you at all points in the process
- Ensuring I am providing you with a professional and ethical service that complies with my membership organisations' codes of practice and those of my insurance provider
- Compliance with relevant legislation, or instruction from a court of law
- Maintaining our safety, or that of third parties and avoiding harm
- Enabling the payment of fees for my service
The personal information I collect, store and use derives from our conversations, emails and text messages and consists of the following:
- General contact information and details of your preferred emergency contact person- Socio-demographic data (e.g. age, gender, employment, relationship history, health status)- Records of our emails, text messages, phone calls and financial transactions- Our counselling and psychotherapy contract and any letters of consent- Anonymous case notes and a calendar of our appointments together
Other organisations (e.g. my bank, email provider) may hold information from our online interactions and financial transactions.
I store digital information securely on my laptop and smartphone, which are backed up locally and by online providers. Paper records are stored in a locked filing cabinet in a secure location, ensuring I only carry what I need for the delivery of my service on any particular day.
Your personal information may only be shared with:
- Your emergency contact person when such a situation arises
- Statutory bodies when required by law, or to avoid harm to either ourselves or third parties
- My membership organisations and insurers should you file a complaint
- My professional executor in the case of my incapacity or death
- A lawyer if instructed by a court, or to find out if such data sharing is legally necessary
Anonymous information related to our work together may be shared with:
- My clinical supervisor to ensure that I am working with you competently, safely and ethically
- Fellow practitioners during supervision, professional examiners, or in the process of conducting clinical research, but only with your advance written permission
I will keep your information for the minimum amount of time possible. My calendar of appointments and your anonymous case notes are only held for one year and are then deleted. All other paper information is shredded no more than two years after our work together ends. For technical reasons, digital information (e.g. emails held by my online provider) could be accessible to a suitably trained person after that date until the storage device is properly reformatted, or destroyed.
I will never use your data for marketing purposes, or to distribute relevant publicity material unless you have specifically asked in writing for such information.
Under the GDPR legislation, you have the following rights and entitlements:
- to access your personal information
- to require me to change any factual mistakes in the data I hold about you
- to withdraw your consent for the non-essential processing of information
- to request the deletion, or destruction of your personal information
For more information on your rights and any relevant legal limitations, please visit the website of the Information Commissioner's Office (ICO).