top of page
Privacy Policy / GDPR Policy

The Data Protection Act, 2018 (DPA), controls how your personal information is used. There are restrictions about how I collect and store information – and you have a right to know – and control – how your information is handled.

Information about the DPA can be found at: https://www.gov.uk/data-protection

Information about the ICO can be found at: https://ico.org.uk/

This document is to let you know what information I collect about clients, why I collect it, how I use and store it, who has access to it, how long I keep it and how it is destroyed.

​

Your rights

Under the Data Protection Act 2018, you have the right to find out what information I store about you. This includes the right to:

  • be informed about how your data is being used

  • access personal data

  • have incorrect data updated

  • have data erased

  • stop or restrict the processing of your data

  • data portability (allowing you to get and reuse your data for different services)

  • object to how your data is processed in certain circumstances.

​​

What Information do I collect?

I collect and ‘handle’, in different ways, the following information:

  1. Your name and address;

  2. Your phone number and email address;

  3. Dates and times of our meetings;

  4. The name and contact details of someone you know & trust who knows that you are in therapy with me (a ‘Safety Contact’);

  5. The name and contact details of your GP (or primary doctor);

  6. Brief notes of our sessions;

  7. Emails and texts;

  8. Details of our financial transactions (invoices, receipts, BACS transfers etc.).

​​

Why do I keep this information?

  1. Your name and address:

    1. I am required to keep this by my professional body (UKCP).

  • Your phone number and email address;

    • I need this if I need to contact you between sessions.

  • Dates and times of our meetings:

    • This is needed to back up my memory;

    • It is a requirement of my professional body and insurance company.

  • Safety Contact:

    • This is a matter of safety and part of my responsibility for your welfare;

    • Contact with this person (who should be an adult) would only take place in an emergency –  almost always only after discussion with you.

  • The name and contact details of your GP (or primary doctor);

    • This is a matter of safety and part of my responsibility for your welfare;

    • Contact with your doctor would only take place

      • At your request, or

      • in an emergency, to protect your safety – and almost always only after discussion with you.

  • Brief notes of our sessions:

    • I need to keep notes in order to refresh my memory about our work;

    • I need to keep notes in order to inform my clinical supervision;

    • It is a requirement of my professional body (UKCP) and my Insurance company.

  • Emails and texts:

    • Emails and texts are part of the record of our out-of-session contacts, which often frame the work.

  • Details of our financial transactions (invoices, receipts, BACS transfers etc.):

    • I am required to keep this for tax and accountancy purposes;

    • We also need an accurate record of our transactions to keep our financial agreements transparent and accurate.

​​

How do I keep this information?

  1. Your name and address:

    1. This provided by you and is filed under lock and key, separate from other information about your ongoing therapy.

  • Your phone number and email address:

    • This is provided by you and is filed under lock and key, separate from other information about your ongoing therapy;

    • Information on my phone is labelled with a code so that you cannot be identified;

    • My phone is locked and protected by face I.D. and password;

    • Information on computer is held in a specific password-protected file.

  • Dates and times of our meetings:

    • Recorded in my diary using a code to conceal your identity.

  • Safety Contact:

    • This provided by you and is filed under lock and key, separate from other information about your ongoing therapy.

  • The name and contact details of your GP (or primary doctor):

    • This provided by you and is filed under lock and key, separate from other information about your ongoing therapy.

  • Brief notes of our sessions:

    • Session notes are kept in a file in a locked filing cabinet, using a code to conceal your identity.

  • Emails:

    • Emails are handled through a Hushmail account – which is an end-to-end encrypted email system:

    • The only people who can access Hushmail emails are me and my ‘therapeutic executors’

    • Texts are on my phone which is face/password protected.

  • Details of our financial transactions (invoices, receipts, BACS transfers etc.):

    • Copies of invoices/receipts are kept in secure files on y computer;

    • Clients are asked to use initials for BACS transactions to protect confidentiality;

    • Financial records are kept securely on my bank’s website;

    • Bank statements are kept in a locked filing cabinet.

​​

Who sees this information?

  1. Your name and address:

    1. Only I will see this information.

  • Your phone number and email address:

    • Only I will see this information.

  • Dates and times of our meetings:

    • Only I will see this information.

  • Safety Contact:

    • Only I will see this information.

  • The name and contact details of your GP (or primary doctor):

    • Only I will see this information.

  • Brief notes of our sessions:

    • Normally only I will see this information;

    • Occasionally notes are taken to supervision; my supervisor only has a first name & generalised, non-identifiable information about clients;

    • Please note that in certain circumstances, therapists have the right to withhold notes of parts of notes, subject to a court order.

  • Emails and texts:

    • Only I will see this information.

  • Details of our financial transactions (invoices, receipts, BACS transfers etc.)

    • My wife has access to the bank account; however, BACS transfers etc are identifiable only by client initials.

​​

How long is this information kept and how will it be destroyed?

  1. Your name and address:

    1. My professional body and insurance company recommend that this information is kept for seven years from the end of therapy;

    2. At that point it will be shredded in a secure cross-shredder.

  • Your phone number and email address:

    • My professional body and insurance company recommend that this information is kept for seven years from the end of therapy;

    • At that point it will be shredded in a secure cross-shredder.

  • Dates and times of our meetings:

    • My professional body and insurance company recommend that this information is kept for seven years from the end of therapy;

    • Diaries will be retained indefinitely in a locked filing cabinet.

  • Safety Contact::

    • This is removed at the end of therapy;

    • At that point it will be shredded in a secure cross-shredder.

  • The name and contact details of your GP (or primary doctor):

    • My professional body and insurance company recommend that this information is kept for seven years from the end of therapy;

    • At that point it will be shredded in a secure cross-shredder.

  • Brief notes of our sessions:

    • My professional body and insurance company recommend that this information is kept for seven years from the end of therapy;

    • At that point it will be shredded in a secure cross-shredder.

  • Emails and texts:

    • My professional body and insurance company recommend that this information is kept for seven years from the end of therapy;

    • At that point emails will be securely ‘trashed’;

    • Computers to be disposed of will be securely cleared and ‘returned to factory settings’;

    • Phones no longer used will be securely cleared and ‘returned to factory settings’.

  • Details of our financial transactions (invoices, receipts, BACS transfers etc.)

    • Banks, HMSO and financial advisory recommend that this information is kept for seven years from the end of therapy;

    • At that point Bank Statements will be shredded securely.

​​

Should you wish for further information, please do speak with me.

bottom of page