PRIVACY POLICY

All data, as well as the use of online platforms, are used in accordance with GDPR compliance. This is to ensure our sessions are protected from data breaches. GDPR compliance considers data security and privacy rights to be the most important variables in counselling. This directly pertains to confidentiality and how sensitive information is stored, used, or accessed.

 

 The use of online platforms

 Virtual or distanced sessions might be held via Zoom, Facetime, or telephone. To protect the confidentiality and safety of our session, in accordance with GDPR compliance, I abide by the following:

  • Ensuring that my Wi-Fi is secure.

  • Using encryption and end-to-end encryption when possible.

  • Password protecting our meetings.

  • Locking meetings to prevent third parties from entering.

  • Ensuring my browsers and operating systems are up to date.

 

The use of notes and session information

Personal information is collected to set up counselling sessions. During the initial session, this information is used for the purposes of setting up a contract. The original contract is given to the client, and a copy is made for administrative purposes. This contract is kept in a password protected safe. 

At the end of each session, I will take some brief notes.  This pertains to attendance, as well as keeping a brief record of important themes that occurred in sessions. All notes and names are anonymised. As a client, you have a right to view any notes I take.

Non-identifiable, anonymised information is also held to support my supervision processes and, where appropriate, to support decisions about risk and duty of care. The purpose of note taking is to ensure professional standards.

 

Storage of data

I will keep notes and personal information for up to five years in accordance with professional standards before data is securely destroyed. 

 

Sharing of data

Session notes are confidential and not typically shared with anyone. The sharing of data may happen on rare or emergency situations.

  • GP

    On the client’s request, relevant information can be shared with a GP should this be needed. This is done only with the client’s consent.

  • Government/Legal compliance for Covid-19

    Should either party show symptoms of Covid-19, or recently been in contact with someone who is symptomatic, I may be asked to share relevant information to the NHS for contact tracing. This information may include your name, contact number, date and length of session. This scheme is optional, and I will seek your consent at our initial meeting regarding this specific circumstance.

  • Risk of harm to self and others

    If I have reason to believe you pose a serious risk to self or others, I would first consult with you to consider what the best response might be to facilitate a safe environment for both yourself and others. Should there be an imminent risk following a session, I may contact my supervisor and subsequently reach out to relevant organisations should this action be deemed necessary and appropriate.

  • My death or incapacitation

    In the event of serious illness, injury or death, your contact information will be available to a trusted colleague who can inform you of the situation. This person will support you in making alternate counselling arrangements.

 

Third party data

All online transactions are subject to third party providers who collect and use data in accordance with their own privacy policy. This includes, for example, my website or the use of email. It is therefore advised that no sensitive information is shared over these platforms. Although these accounts are password protected, I cannot guarantee confidentiality regarding the presence of third parties via these platforms.

 

Your rights

In line with GDPR legislation, you have the right to request any information I hold pertaining to you. Please contact me if you would like to request a copy of this, or to correct any inaccuracies in your information. Please note that I require at least one week’s notice to prepare copies of the information I hold about you.

You have the right to complain to the Information Commissioner’s Office (ICO) if you are unhappy with how I am handling your data. You can lodge a complaint with the ICO at www.ico.org.uk.