I am committed to protecting the privacy and security of your personal data.

This privacy policy describes how I collect and use personal data about you and after your relationship has ended with me, in accordance with the General Data Protection Regulation (GDPR).

In GDPR terms, I hold the data,  This means that I am responsible for deciding how I hold and use personal data about you. I am required under data protection legislation to notify you of the information contained in this privacy policy. I may update this notice at any time. It is important that you read this and any subsequent notice, so that you are aware of how and why I am using such information.

What personal and sensitive personal data do I hold?

The personal data I collect directly from you is as follows:

  • Your contact details (name, date of birth, address, telephone and mobile numbers, email addresses)
  • GP Surgery contact information
  • Information about any ongoing medical conditions and prescribed medication

How is it collected?

The data is collected directly from you via a Client Information Form or via direct email/telephone contact with me at the onset of any work.

Why is it processed?

All personal and sensitive personal data will only be used in order to provide the service to you and for managing the service I provide.

What is the lawful basis?

The lawful basis for processing your personal data is always either contractual (to deliver the service) or through your consent.

With whom will it be shared?

As a part of the regulations of my professional bodies, BACP (British Association of Counselling & Psychotherapy) I have regular supervision,  where I share anonymised information about you to support my clinical thinking and to uphold professional standards.  

How long will the data be held?

Records are kept for a period of 3 years and are then deleted and/or destroyed. 

How is the data secured?

All information you provide me is stored as securely as possible.  All paper forms and correspondence are kept in locked filing cabinets.  All electronic records are stored on my computer, all access to which requires password-protected authentication. Telephone numbers are stored using first name and initials only; this is also passcode protected and only accessible by me.

Unfortunately, the transmission of information via the internet is never completely secure. Although I will do my best to protect your information using industry-standard protocols and encryption, I cannot guarantee the security of your data transmitted to me via email and any transmission is at your own risk. Once I have received your information, I will use strict procedures and security features to try to prevent any unauthorised access.

​What are your rights?

You have the right to ask me to provide a copy of the information that I hold. You also have the right to require me to correct any inaccuracies in your information. If you would like to do this, please contact me. You may withdraw your consent for me to hold and process your data at any time.