Signed in as:
Signed in as:
Your confidentiality and privacy are very important. Under the General Data Protection Regulations (GDPR), We are required by law to inform you how we keep the data you provide me with, and how we hold this data. we are also bound by the British Association for Counselling and Psychotherapy’s (BACP) code of ethics and the British Psychological Association/HCPC code of ethics. We will never sell your data to any other individual, company or organisation for any purpose.
We are required to gain your explicit consent to my holding your data in certain ways.
We aim to be as clear as possible about how and why we use the data held about you so that you can be confident that your privacy is protected. This policy describes:
As per these laws, We are the data controller, and the data processor. If your questions are not fully answered by this policy, please contact the Information Commissioner's Office (ICO) https://ico.org.uk.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for retaining and processing this information will depend on the phase of the therapeutic relationship. The lawful bases for retaining and processing your data will be as follows:
1. What personal information do I collect and how do I collect it?
I retain the data you provide so that I can provide you with a safe and professional counselling service.
The data that I hold may include:
Your name, email address and contact number will be collected when you make the initial enquiry.
All other information will be collected in the initial assessment session.
I will record brief notes of our sessions. This is so that I can keep track of progress, as well as serving as a reminder of what was discussed in sessions.
2. Why do I Collect this Data?
3. Where do I keep your information, and how is it kept safe?
I am required by law to retain certain financial information, primarily for tax purposes, and as advised by HMRC this is retained for five years. Payments you make are input into an MS-Excel spreadsheet referenced by 1st name only.
When payment is made via BACS, your account name (or the name of the person who is paying) and any reference used may show up on my online or paper bank statements. You have the right to discuss alternative payment options with me. Banking transactions may be viewed by employees of the bank, my accountant, and HMRC tax officers who will all have their own GDPR policies.
4. How long do I keep the information?
As per the terms of my indemnity insurer, I retain your information for 5 years. After this time has elapsed, I will shred any paperwork I have, and delete any electronic records I have about your sessions.
I will need to discuss content of our sessions from time to time with my supervisor. These supervisions sessions take place for the purpose of ensuring that I am providing the very best service to my clients. During these supervision sessions, I may refer to you by initials. If you are not happy with this, then we can discuss a pseudonym that you would be happy with.
My duty of confidentiality has limitations, and there are particular circumstances, which will require me by law to act, by notifying relevant external agencies. I will be transparent with you about this, however your permission is not required.
The circumstances in which I will need to break the confidentiality agreement are explained below, and they will be reiterated in our first meeting:
6. Your data protection rights
Under data protection law, you have rights including:
You can read more about your rights at ico.org.uk/your-data-matters.
l aim to meet the highest standards with regards to handling your data. However, if you have a complaint about how I handle your personal data please do not hesitate to get in touch with me by email at firstname.lastname@example.org
If you want to make a formal complaint about the way I have handled your data you can contact the ICO which is the statutory body that oversees data protection law in the UK. For more information go to ico.org.uk/make-a-complaint.
8. Third Party Applications
My website and any other social media channels may contain links to other third parties. When you correspond with any third parties referenced, they hold responsibility for any interactions you have with them. I recommend that you consider the privacy statements of other websites and applications, to make sure you understand their individual policies.
I cannot be held responsible for any social media channels which may contain links / references to other websites that are not covered by this policy.