The Data Protection Act 2018 (including GDPR) means that you have the right to know about what happens to information about you, this policy aims to be really clear about this.
This policy governs the way in which I collect, store and share information collected from clients. The lawful basis of this data collection is under legitimate interest. It applies to the practice, website, social media and services offered by me within my private practice.
Social media: I have social media accounts for my practice on Facebook, LinkedIn, Twitter and Instagram. If you make contact via any of these accounts, then data held will be subject to their privacy policies. Direct messages will be held for the duration of our work together and deleted 12 months following the end of our work.
Personal information I collect
- Name/DOB/how you identify your gender
- Preferred contact number
- Email address
- Address (if agreed)
- GP contact details (if agreed)
Other information: I keep track of the number of sessions we’ve had and our agreed fee and at times I may make notes on our sessions to maintain professional standards and for professional development such as accreditation. Further information about this is available on request.
How I store information
Correspondence and records: Texts, emails and records of calls on my mobile phone are kept for the duration of our work together and deleted 12 months following the end of our work or last contact.
Zoom: A record of previous Zoom meeting details (your name/date/time and joining instructions) is held on my Zoom account for less than a month.
Contract: Each client is issued with a copy at the start of our work together and a copy is held by me for reference in a secure place. Any amended contracts are also kept on my laptop which is password protected and shared with you.
Session information: I keep a spreadsheet of information about the number of sessions we’ve had and the agreed cost of the session.
Other documents: At times, I am asked by clients to confirm they have attended sessions or write a letter in support of them. These are kept for the duration of our work together (stored on my lap top) and deleted 12 months following the end of our work.
How I transport information
For the most part, information I have about you is stored on my phone or my laptop. These are password protected, and only I have access to them. Where you sign a contract, this is transported to my home in my car.
How I share your information
Supervision: I attend monthly supervision to ensure my practice remains safe and ethical. Session details may be shared with my Supervisor. At times, I also attend peer supervision. In these instances, you are not directly identified and these people are bound by the same respect for your confidentiality.
Legal requests: If you discuss something in our work together that you later decide you want to take criminal action about then I may be requested to provide information.
ICO registration: ZA715478 (see http://www.ico.org.uk for further information)
Other considerations: If you call me, then this will appear on your bill and your telephone provider will also have a record of calls to and from you telephone even if you delete the information from your telephone. Your number will also appear on my telephone bill should I need to call you. If you pay by bank transfer, your details will be held by my bank, and may be visible to HMRC or other financial bodies should they request evidence of my income. My details will also be visible on your own banking records.
At any point in our work, you are welcome to ask for any information I hold about you and for any information that is incorrect to be rectified. If you have concerns about how your information is held or any objections to this policy, please get in touch (see contact page).