Your privacy is extremely important to me. I am aware that the information you provide may be sensitive and I respect your privacy. I keep your information confidential. This means I store it securely and prevent unauthorised access to it. I may store some of your data electronically. Any device I use for the purpose of offering your counselling sessions will be password protected. I might also store information in paper format, and this will be stored in a secure locked cabinet. After we have completed our work together any contact information stored on my electronic devices or on paper will be securely destroyed after the required retention period of 6 years. Data protection is regularly reviewed and compliant with GDPR. To find out more about GDPR and your rights please see ICO - For the public. I also adhere to the ethical guidance of the British Association for Counselling and Psychotherapy (BACP) on protecting your privacy and confidentiality.
What information do I collect?
- bullet Name and Date of Birth.
- bullet Home address including postcode.
- bullet Telephone/SMS number and permission to use it and leave messages.
- bullet Email address and permission to use it.
- bullet GP name, address and telephone number and permission to use it.
- bullet Emergency contact name and number and permission to use it.
- bullet Referral route and key words used in your search.
- bullet Written brief notes of sessions, stored separately to contact information and anonymised.
- bullet Emails received and sent until no longer useful to the work we are doing.
How is this information stored?
- bullet PPhone numbers are stored by first name only in my dedicated work phone.
- bullet Email addresses and correspondence is stored in my email account. These are protected by in-built software security systems and dedicated password.
- bullet Zoom keeps a record of your profile on my computer and is password encrypted. Feel free to take a look at Zoom's privacy statement if you would like further details on this.
- bullet Paper records are stored in a locked cabinet in my office. Contact information is kept separately from other written information which is anonymised. Documents generated on my computer are protected by in-built software security systems and password.
- bullet Bank details used for bacs payments will appear on my work bank account records with your chosen reference and may be audited by HMRC.
- bullet Email/SMS information is deleted on a regular basis. Written information will be retained for up to 6 years in line with the professional guidance then securely disposed of.
How do I use your information?
YYour information is used solely for the purposes of providing you with a therapy service.
How might I need to share your information?
I will not share your information with third parties with the following exceptions:
- bullet Where you have consented to this.
- bullet As part of my duty to you or a member of the public, or a child or vulnerable adult (further information is available in my Safeguarding Statement).
- bullet Where there is a legal requirement to do so e.g. information about serious crime, drugs money laundering, terrorism and FGM.
- bullet As a BACP registered counsellor I am required to share anonymised information on the work I do with a professionally qualified clinical supervisor.
- bullet In the unlikely event I am unable to work, your name and contact details will be shared with a trained and trusted colleague. They are authorised to contact you and ensure you are informed of my situation and offered alternative options where appropriate.
- bullet I may also share general business information with HMRC, my accountant, my governing body (BACP) and the Information Commissioner’s Office (ICO). None of your personal details are shared for these purposes.
What happens if something goes wrong?
In the unlikely event of a data breach (digital or paper records) this will be reported to the ICO within 72 hours. In line with their guidance, I will assess the risk to you of any loss of confidentiality and when necessary make you aware of the breach and any implications for you.
What are your rights to access information I hold?
GDPR legislation gives you rights as an individual data subject. You can read in detail about these rights at ICO - Your Data Matters.
Complaints or queries.
If at any point you have worries or complaints about how I handle your personal data please contact me using the email address above and I will respond within 48 hours. For more information or to make a formal complaint contact the Information Commissioner's Office directly or by calling 0303 123 1113.