In line with the General Data Protection Regulations (GDPR), introduced on 25 May 2018, we need to bring the following to your attention (if you have any questions about this, please email us using the form on our ‘Contact’ page):
Reasons for holding and processing your data
We collect, store and process information about you to enable us to provide an ethical service. We do so under ‘Legitimate Interests’, for the purposes of healthcare, as per GDPR.
Your Initial Enquiry
Following your enquiry, we only retain your initial contact details (i.e. name, phone number or email) for the purpose of arranging a meeting to see if you want to work with us; otherwise, they are erased.
Whilst in Receipt of Services
If you decide to engage our services, full contact details are collected and stored securely. It is considered ‘good practice’ to keep session notes, which help us as practitioners reflect on our work with our respective supervisors. Such notes are kept to a minimum and stored securely - you are not identified in them by name.
Right to Breach Confidentiality
This privacy notice needs to be read in conjunction with any counselling or supervision contract used at the time, which outlines the limits to confidentiality offered and refers to situations where it may be necessary to break this.
Contact by Professional Executor
If serious accident, illness or death prevents one of us from continuing work with you, the other (acting as professional executor) will be in touch to discuss alternatives. As executor we have access to your contact details (for this purpose); we only have access to each other’s session notes in order to delete them.
When Work is Complete
Contact details – are deleted as soon as practical, unless mutually agreed otherwise
Session notes – are kept for 7 years (for counselling) or 3 years (for supervision)
Other records (e.g. held for tax purposes) – are deleted after 6 years
Your Rights under GDPR
You have the right to request information held on you. Unless prevented by legal reasons, this will be provided within a month of your written request. It can be useful to look at this together in a session, to acknowledge any reactions you may have and take account of any amendments you request. You also have the right to ask for erasure of information we hold on you and, provided there are no legal reasons for keeping it, we will comply.
We are both registered separately as Data Controllers with the Information Commissioner’s Office (ICO) and, as such, we are obliged to report any data breaches to them. Further information about the ICO, the GDPR and your rights (including how to make a complaint) can be found at: https://ico.org.uk/your-data-matters/ Telephone (ICO): 0303 123 1113.
We take the trust you place in us as practitioners, seriously.