I take my responsibility to protect your data seriously. I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
The purpose of collecting your data is to provide you with the service of counselling and psychotherapy including using the website for information, to make an appointment and to work together as therapist and client.
‘Data controller’ is the term used to describe the person/ organisation that collects and stores and has responsibility for people’s personal data. In this instance, the data controller is Chloe Hedley. For any questions, queries or concerns you might have about my data protection policy you can contact me via on email@example.com.
GDPR states that I must have a lawful basis for processing your personal data.
If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information.
If you are currently having therapy or if you are in contact with me to consider therapy, I will process your personal data where it is necessary for the performance of our therapeutic contract.
Storage of your personal data:
I will store your personal data for as long as is required by law, or as required under any contract. If there is no legal requirement, I will retain information about you only for so long as is necessary for the purposes for which it was collected which is the duration of our work together.
GDPR ensures that any sensitive personal information that you may disclose to me appropriately is appropriately processed and protected. This type of information is called ‘special category personal information’. The lawful basis for me processing any special categories of personal information is that it is for provision of health treatment (in this case counselling & psychotherapy) and necessary for a contract with a health professional (in this case, a contract between me and you).
How I use your information:
When you contact me with an enquiry about my counselling services I will collect information to help me satisfy your enquiry. This will include, name, e-mail address, phone number and enquiry details. It is up to you, how much information you provide in the enquiry.
Alternatively, your GP or other health professional may send me your details when making a referral or a parent or trusted individual may give me your details when making an enquiry on your behalf.
If you decide not to proceed, I will ensure all your personal data is deleted within 1 year. In this instance, I will not use your data any longer than needed to complete this required process.
If you would like me to delete this information sooner, let me know.
As a client:
While you are accessing counselling, everything you discuss with me is confidential. That confidentiality will only be broken if I believe that you are at risk or harm to or from another, or to your self or another. I will always try to speak to you about this first, unless there are safeguarding issues that prevent this.
I keep a record of your personal details to carry out my responsibilities. These details are kept securely electronically and procedures to safeguard and secure data are in place including passwords initial notes. This data is not shared with any third party.
I will keep written notes of each session, these are kept digitally and securely. Text and e-mail correspondence will be kept for the duration of our work together and deleted upon ending of the therapy contract.
After counselling has ended. Once counselling has ended your records will be kept for 3 years from the end of our contact with each other and are then securely destroyed.
Information about you:
In order for me to be able to fulfil my responsibilities as a counsellor I will record personal information about you.
This information includes your name, address, phone number, email address, contact person with phone number, date of birth and GP practice.
Using your initials, I will also take notes of ‘assessment information’ that is relevant, medical information and aspects of your personal social and family history that you choose to share with me. This is stored separate to your contact information.
This information will be retained digitally and securely using password protection and accessible by myself only.
Your contact details will be used to contact you.
Personal data such as your name, address and/or date of birth will be used to verify your identify if there is a need to contact your G.P. or a request for access to personal data from yourself or your representative or legitimate legal instrument such as a court order.
This personal information will be held for a period of three years after the cessation of our counselling relationship, except where there is a mutually agreed decision to retain it for longer or where I believe that it is in my best professional interests to do so.
Your contact details alone will be shared in exceptional circumstances with my supervisor or other named agent in the event that I am incapacitated so that they can contact you to explain the situation. The details of this arrangement are set out in my professional will.
Information about counselling sessions and our work together
I record notes of each therapy session using your initials. These notes will be brief factual record of the session. This set of notes will include any agreements made with regard to for example, cancelled sessions or changes to the way the therapy is conducted. The notes are held digitally and securely using password protection and accessible by myself only.
These notes may be shared using your initials or pseudonym with my supervisor, counselling professional body or similar for purposes of maintaining professional standards and aiding my professional development.
These notes will be held for a period of three years after the cessation of counselling except where I agree with you to retain them for longer or where I believe that it is in my best professional interests to do so. I may make information from these notes available to legitimate third parties under the following conditions:
- Receipt of a request from you or your representative, and where the release of the notes is not judged by me as likely to cause you significant harm or harm to another person Where there is a specific legal requirement for me to do so.
- Where there is an ethical duty for me to do, for example to avoid serious harm to yourself or another person, including the safeguarding of children or vulnerable adults.
Records of contact between us
I will hold your name and telephone number on my mobile phone until our counselling relationship ends; I will delete it from my contact list after 1 year – let me know if you would like this to be sooner. Appointments are kept in my digital calendar with initials. It is not available to anyone else and is coded.
If we agree to communicate by text or by email, these records may be kept for the same duration as your counselling notes. My mobile phone is a smart phone and could therefore also have your texts, and email and email address available on it. The phone is password protected.
You have a right to ask me to delete your personal information, to limit how I use your personal information, or to stop processing your personal information. You also have a right to ask for a copy of any information that I hold about you and to object to the use of your personal data in some circumstances. You can read more about your rights at ico.org.uk/your-data-matters.
If I hold information about you I will:
• give you a description of it and where it came from;
• tell you why I am holding its, tell you how long I will store your data and how I made this decision
• tell you who it could be disclosed to
• let you have a copy of the information in an intelligible form.
You can also ask me at any time to correct any mistakes there may be in the personal information I hold about you. To make a request for any personal information I may hold about you, please put the request in writing addressing it to firstname.lastname@example.org. If you have any complaint about how I handle your personal data please get in touch. If you want to make a formal complaint about the way I have processed your personal information you can contact the ICO which is the statutory body that oversees data protection law in the UK. For more information go to ico.org.uk/make-a-complaint.
If I become aware of a situation where your personal information may have accidentally or maliciously been obtained by a third party I will notify you within three days.
Visitors to my website
When someone visits my website, I use a third party service, Wix, as well as Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. This information is only processed in a way that does not identify anyone – for more information see below.
I do not make, and do not allow Wix to make, any attempt to find out the identities of those visiting my website. I use legitimate interests as my lawful basis for holding and using your personal information in this way when you visit my website.
I use Wix tracking services and Google Analytics so that I can continually improve my service to you, You can read the relevant privacy policies in the links provided below:
I receive, collect and store any information you enter on www.integritytherapylondon.com or provide us in any other way. In addition, I collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history.
I may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
I also may collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
When you conduct a transaction on the website, as part of the process, I may collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
I collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide Users with ongoing customer assistance and technical support;
To be able to contact Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
Our company is hosted on the Wix.com platform. Wix.com provides me with the online platform that allows us to sell my products, information and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
I may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
If you don’t want me to process your data anymore, please contact me at email@example.com.
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact me at firstname.lastname@example.org.
The following links explain how to access cookie settings in various browsers:
To opt out of being tracked by Google Analytics across all websites, visit this link: http://tools.google.com/dlpage/gaoptout.