GDPR and PRIVACY NOTICE
Privacy policy reviewed May 2023
In Brief:
-
I will only collect and hold information necessary for Counselling. This will include your personal details: Name, Address, Email Address, Phone Number, Date of Birth, GP.
-
The nature of counselling requires that the information you share with me will be very personal and therefore highly sensitive.
-
I keep brief, handwritten session notes. These are anonymised and kept apart from your name and address. You cannot be identified from your session notes.
-
All paper records are kept in a locked filing cabinet in my counselling room at my home. No-one else has access to this cabinet.
-
Email addresses and emails are stored on my business email which is password protected.
-
Phone numbers are stored on my phone which is password protected.
-
Remote Counselling Sessions:
-
Video sessions are carried out on my laptop via Zoom, which is end to end encrypted, ensuring confidentiality.
-
Remote phone sessions are carried out on my phone and are also secure.
-
I work from a small room in my home, with the door closed, just as if we were meeting in person. This is a confidential space and neither I nor you will be overheard.
-
I am registered with the Information Commissioners Office.
-
The following is a longer and more detailed version of the above, which you wish to read.
In full:
This Privacy Notice explains what personal data I collect, how I use your personal data, reasons I may need to disclose your personal data to others and how I store your personal data securely. For clarity, I may be both data controller and data processor for your personal data under certain circumstances. This policy is subject to change.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Please note that this Privacy Policy applies only to Space To Breathe Counselling and not to any third-party sites that are linked to from our site.
The reasons I process your personal data include, but are not limited to, your consent, performance of a contract, billing and to contact you.
I receive information about you from you when you use my website, complete forms on my website or in person, if you contact me by phone, email or otherwise. I also collect information from you when you sign up for my mailing lists or when you inform me of any other matter.
The personal data that I may collect from you includes your name, address, email address, phone numbers, payment information and IP addresses. I keep notes in accordance with the law and British Association for Counselling and Therapy (BACP) guidelines. I may also retain records of your queries and correspondence, in the event you contact me.
How I use your data
I use information about you in the following ways:
-
To process bookings and/or orders that you have made with me
-
To provide you with products and services
-
To comply with my contractual obligations with you
-
To enable me to review, develop and improve my website and services
-
To provide customer care, including responding to your requests if you contact me with a query
-
To keep track of billing and payments
-
To carry out marketing and statistical analysis
-
To notify you about changes to my website and services
-
To provide you with information about products or services that you request from me or which I feel may interest you, where you have consented to be contacted for such purposes
-
To inform you of services
Your rights
In preventing the use or processing of your personal data, it may delay or prevent me from fulfilling our contractual obligations to you. It may also mean that I am unable to provide my services.
You have the right to object to my use of your personal data, or ask me to delete, remove or stop using it if there is no need for me to keep it. This is known as your right to be forgotten. There are legal and accountancy reasons why I will need to keep your data, but please do inform me if you think I am retaining or using your personal data incorrectly.
Accessing and updating your data: Please let me know if your information (email address etc) changes. You have the right to access the information I hold about you. Please submit a formal written request, specifying what information you wish to access. We then have one month from the date of receipt to comply.
Use of cookies: My website is hosted on the Wix.com platform. Wix.com places cookies on Wix sites – small text files that are placed on your machine to help the site provide a better user experience. These are used to help maintain the security and performance of the website, retain user preferences, store information for things like shopping carts, and provide anonymised tracking data. To deliver this service it processes the IP addresses of visitors to the website.
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the ‘About Cookies’ website which offers guidance for all modern browsers
Links to other sites: Since I do not control other websites, I encourage you to review the privacy policies of any third party sites. Any information that is supplied on these sites is not within control and I cannot be responsible for their privacy policies and practices.
Phone calls: When you call me, I will only collect the information necessary to ensure you receive an efficient and appropriate response. We may also retain some of the information where it helps with providing you with an efficient response. We will not keep any data from you for longer than is necessary.
When you email me: If your email service does not support TLS or SSL or similar security systems, you should be aware that any emails we send or receive may not be protected in transit.
We will monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law. We will not keep any email data from you for longer than is necessary.
I follow legal standards to keep digital data password protected and secure.
As the transmission of information via the internet is not completely secure, I cannot guarantee the security of your data transmitted to my site and any transmission is at your own risk. Once I have received your information, I will use strict procedures and security features to prevent unauthorised access.
The GDPR replaces the 1998 Data Protection Act to ensure your personal and sensitive, confidential data is kept private and held securely, being processed in the way that you have agreed to. It is there to protect your rights as a consumer of a service or product that might involve your identifiable data, e.g. your name and address or whether you have a specific condition. It also covers any session records, text messages or emails we exchange.
I must hold your data for as long as is reasonable. I may not be able to delete your data before this time due to legal and/or accountancy obligations. I shall retain your data only for as long as necessary in accordance with applicable laws.
Exceptions: In order to safeguard you and the people around you, if you were to disclose that you were going to carry out harm to yourself or someone else, then under my “Duty of Care” I am obligated to inform the relevant authorities. This is to support you to live well, and I would always aim to discuss this with you prior to contacting anyone.
If you want to make a complaint about the way we have processed your personal information, you can contact the Information Commissioners Office (ICO) in their capacity as the statutory body which oversees data protection law in the UK.
If you wish to withdraw your consent, please send an email to space2breathecounselling@gmail.com. Withdrawal of consent will mean that any therapy must cease immediately. A record of your request to withdraw consent may still be retained so that we can ensure you are no longer contacted.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of collection and use of personal information. However, we are happy to provide any additional information or explanation needed.