PRIVACY POLICY
PRIVACY POLICY
Your privacy is very important to me, and you can be confident that your personal information will be kept safe and secure and will only be used for the purposes for which it was given.
​
As a registered member of the BACP, I abide by their standards and ethical requirements. This includes strict guidance on the requirements of confidentiality.
I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003. I pay a fee to the Office of the Information Commissioner (ICO), as required by the legislation governing data control.
​
WHERE PERSONAL DATA IS STORED​
​
Client data is kept confidential and secure: in a locked cabinet, password-protected computer / smart-phone and secure, password-protected CRM / Contact List - all in full accordance with GDPR. Data will be kept for 5 years following the ending of therapy for legal / insurance reasons. I will never share your data with any external agencies for commercial purposes.​ I take all steps reasonably necessary to ensure that client data is treated securely and in accordance with this privacy policy.​
Changes to the PRIVACY POLICY
​I will notify all ongoing clients of changes I may make to this Privacy Policy in the future.​
Consent to the PRIVACY POLICY
Clients will give consent to this Privacy Policy (pertaining to the use and storage of their personal information as disclosed to the practice, as detailed above) by being provided with a PDF document version to sign. Clients have the right to withdraw their consent at any time.
Information held about clients​
The information collected and held is necessary information for the administrative running of the practice: for communications about appointments and payments, as well as to provide updates on information regarding the practice. The data held about clients includes full name, address, date of birth, a current phone number, an email address, GP details, an emergency contact number, medical conditions & medication, involvement with other services and brief anonymised notes. I hire staff for various business functions, such as administration and marketing, branding and website design. As part of their professional remit, they have access to the basic client contact data, excluding health-related information. Anyone engaged to work for the practice is required to sign a confidentiality agreement. They will never have access to anything pertaining to confidential therapy work (eg brief anonymised notes or creative work completed in the session). This will remain confidential and be kept separately to the client contact details so that no identifying link could ever be made between the two. I am the only person that sees this confidential data, unless I feel a client is at risk of serious harm. (The Therapist/Client Agreement entered into at the start of therapy provides further details).​​
​