From 25th May 2018 European legislation (GDPR - General Data Protection Regulations) brought in revisions to privacy policies for the protection of an individual’s data. This is a positive and welcome change to keep data safe and to ensure that active consent is obtained with regards to how I may contact you.
Web cookies and data storage
My website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to advertise my services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
• To provide a great experience for visitors and customers.
• To monitor and analyze the performance, operation and effectiveness of Wix's platform.
• To ensure my platform is secure and safe to use.
For more information about how cookies are managed, please see the Wix web page where you can find further detail.
I may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
When you contact me via my website, as part of the process, I use personal information you give me such as your name, address, and email address so that I may respond to your query. Your personal information will be used for the specific reasons stated above only. Once I have responded to your query I delete your information unless you then become a client. At that point your details are kept in a secure record system as discussed when we contract during our initial session. Emails are processed by Microsoft and hence subject to their privacy policies. I recommend that no sensitive information be shared via email.
What data/information do I hold about you?
This is the information I ask you for and about during your initial assessment session:
History and related information
Brief session notes that I use to keep track of the therapy process
Your personal information will be used only to provide you with my services and to give you information relating to my services. I will not share your personal details with any other person or organisation without your knowledge and permission, except where required by law.
If there is a safeguarding issue, or a perceived risk of harm to self or others, personal information may be shared with relevant third parties.
If you have any questions about how I handle user data and personal information, please feel free to contact me via the ‘contact’ section of my website. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
What do I do with this information?
I keep these records to work professionally as a psychotherapist. Your information is only used for the purpose of informing therapy and any associated referrals.
Your information is treated with the utmost confidentiality, and it will never be disclosed to any third party without explaining why this may be necessary and getting your consent, except where required to do so by law or where I feel you are at serious risk of harming yourself, harming others or at serious risk of harm from others. Your safety will be my prime objective in these cases.
Your information will not be taken outside of the EU. During the Covid 19 outbreak, I may use your details to contact you as part of a track and trace system if we are notified of any possible contact with an infected person.
How long do I keep your information?
I am required to keep your information for a minimum period of 7 years following the last occasion on which therapy is undertaken. If you are under 18 then records will be kept for a period of 7 years from when you turn 18. When the 7 years is up any electronic records about you will be deleted and any paper records will be destroyed in a confidential manner (shredding or burning).
All electronic devices which hold personal data are password protected and stored securely with reasonable measures to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification. Please note I may retain your personal data for a longer period than set out above in the event of a complaint or dispute.
I will contact you as appropriate, for example, with appointment reminders, with requested information, in response to your contact via the contact form on our website, social media, or other electronic or other means.
I may contact you to ask how you are if you have not attended a session and have not made any contact to ensure you are safe and/or if you wish to continue therapy.
The GDPR gives you the following rights:
Right to access: You have the right to request a copy of the information held on you. I may need to request specific information from you to help me confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Right to rectification: You have the right to correct any inaccurate or incomplete data.
Right to be forgotten: In certain circumstances, you can ask for the data I hold on you to be erased from my records, unless I have a legal obligation to retain the information.
Right of portability: You can request that I transfer any data I hold on you to another company.
Right to restrict processing: You can request that I limit the way I use your personal data.
Right to object: You have the right to challenge certain types of processing, such as direct marketing.
Right related to automated decision-making including profiling: You are free to request a review of automated processing if you believe the rules aren't being followed.
Details of your rights can be found on the website https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you have any queries or concerns about how your information is held or used please contact me detailing your concerns.
I reserve the right to update this document and my terms and conditions at any time without prior notice.
Your signed consent of the Privacy Statement & Personal Information form will acknowledge that you fully understand and accept the policy for records held, and also gives your consent to use of personal and sensitive personal data for the stated purposes.
Any working contract shall be construed and governed in all respects in accordance with the laws of England and Wales and any dispute or differences in relation to this agreement shall be subject to the exclusive jurisdiction of the English Courts.
This policy is effective as of 1 August 2021