Privacy policy.

Introduction

  • I am committed to protecting the privacy and confidentiality of clients' personal information. This data privacy policy outlines how I collect, use, disclose, and protect your personal data in compliance with relevant data protection laws, including the Data Protection Act (2018) and the UK General Data Protection Regulation (GDPR).

  • In line with legal requirements, I am registered with the Information Commissioner’s Office (ICO).

Personal Information Collected and Processed

  • Contact Information: Includes name, address, phone number, and email address.

  • Emergency Contact Information: Such as the name and number of your emergency contact, and your GP details.

  • Demographic Information: For example, age and gender.

  • Health Information: Includes medical history, mental health concerns, and session notes.

  • Financial Information: Such as records generated from BACS transfers when you make a payment.

  • Communications: Emails, texts, voicemails, and phone call logs exchanged between client and therapist.

  • Session Recordings: Audio recordings of sessions may be used for training or research purposes but will only be recorded with your prior written consent.

  • Website Cookies: Google Analytics cookies may be used to monitor website traffic for analytical and improvement purposes.

Use of Personal Information

  • Providing psychotherapeutic services.

  • Maintaining accurate client records.

  • Processing billing and payments for services rendered.

  • Communicating about appointments, service updates, or relevant information.

  • Complying with legal and regulatory obligations.

  • Breaching confidentiality where necessary due to risk or safeguarding concerns (see confidentiality policy for details).

  • Supervision: Limited information shared in supervision includes your first name, background, reasons for therapy, and the nature of our work together.

Data Security Measures

  • Personal data is stored on an ISO27001 certified specialist practice management platform and access to data is limited to my password protected account.

  • Data on this platform is protected via 256 bit SSL encryption.

  • Basic contact details (e.g., phone number, texts) are stored on a PIN-protected mobile.

  • Unique and complex passwords are used across all digital accounts.

  • No physical copies of personal data are retained, and any handwritten notes are securely destroyed once digitised.

  • Security practices are regularly reviewed and updated to address potential risks.

Data Retention

  • Personal information will be retained only as long as necessary to fulfill the purposes outlined in this policy or as required by law or for insurance purposes.

  • Current insurance requirements specify retaining a subset of data for five years.

  • Upon termination of therapy, non-essential information (such as emergency contact details) will be destroyed, while any legally or insurance-required data will be retained as stipulated.

Sharing Your Information

  • Your personal information will not be shared with third parties without your consent, except under the following circumstances:

    • Supervision: For further details, please see “Use of Personal Information” above.

    • Legal Compliance: Data may be disclosed if required by a UK court.

    • Safeguarding and Confidentiality Breaches: See confidentiality and safeguarding policies for more information.

Your Data Rights

You have the following rights regarding your personal information:

  • The right to receive a copy of the personal information held about you.

  • The right to request correction of any inaccurate or incomplete data.

  • The right to request deletion of your personal data under specific circumstances.

  • The right to withdraw consent to data processing, where applicable.

  • The right to lodge a complaint with the ICO if you believe your data rights have been violated.

Contact Information

For questions or concerns about this privacy policy or the handling of your personal information, please feel free to discuss them with me.

Policy Updates

This privacy policy may be updated periodically. Any changes will be effective immediately upon posting the revised policy on the website. Policy changes are generally anticipated only for reasons related to legislative updates or insurance requirements.