top of page
IMG_1145 2.heic

PRIVACY STATEMENT

What personal data I collect and why I collect it:

 

Data protection law (GDPR) states that individuals have the right to be informed as to how their personal data is held and used. This privacy notice explains the personal information I collect from you as my client, as well as how I store, process and delete it. As a private practitioner I act as both:

  • Data Controller (which means that I plan procedures regarding how data is held according to the GDPR regulations),

  • Data Processor (which means that I collect and store data required within my therapy practice).


As a client, when you attend an initial consultation with me, we begin by setting a working agreement in place that explains my commitment to client confidentiality and data protection, as well as when confidentiality may be breached.  You will need to sign this agreement before we commence therapy.


I will collect personal details from you, as shown here: name; date of birth; address; contact number; email address; contact details for an emergency contact for use if something were to happen to you on my premises; contact details for your GP, for use with your permission; details of any relevant mental or physical health issues and medication.

Storage of personal details

In addition to contact details, I keep factual notes about our counselling sessions which may include sensitive information that you have disclosed to me. I may also keep a record of creative work, writings, drawings or diagrams that we have used during our work, including photographs of images. All personal client data client including contact information is stored electronically in passworded files. I keep anonymised paper-based session notes and images in a secured locked unit.

 

I have regular supervision with supervisors, and these are the only people with whom I talk with about my work. Supervisors are bound by the same terms of confidentiality as I am. Clients are identified by first name only. In the event of my becoming incapacitated in some way, a trusted colleague is able to access only the contact details of my clients. The other occasions when data might be shared is when I have your consent to do so, or when I am obliged to break confidentiality for reasons which are discussed in the therapy agreement that I ask you to sign at the beginning of your therapy.

I keep personal data for up to 5 years as it could be useful and relevant for a client returning to therapy. I have chosen 5 years as a reasonable time between retaining potentially useful data and keeping data for no longer than is necessary. I keep images up to 12 months due to limited space resource.


Exceptions to Confidentiality:
If I have reason to believe that you or someone else is at risk of serious harm, I will break confidentiality. I would endeavour to discuss this breach with you first so that we could come to an agreement about who needed to be informed. However, if an agreement is not reached and I still believe that you or someone else is at risk, I will discuss the situation with my supervisor and decide how to proceed. Where a threat of terrorism or drug trafficking is disclosed, I am obliged by law to inform the authorities.

Your Rights:
In accordance with GDPR, you have the following rights:​

  • To be informed of the information that I store about you.

  • To ask to see the information that I hold about you. I am legally required to respond to any request from a client in writing to see their personal data within 30 days.

  • To ask that I rectify any information that you deem inaccurate, unnecessary, or incomplete (if I need to keep a record to comply with legal requirements then I may decline this request).

IMG_0469 2.heic
Screenshot 2022-10-07 at 22.03.07 2.PNG
IMG_0674 2.JPG
IMG_3827 2.JPG
bottom of page