Privacy Statement and General Data Protection Regulation Statement
I am registered with the ICO (Information Commissioners Office) which means I need to tell you what data I am collecting from you and what I intend to do with it.
What data do I keep and why do I need it?
Name, age, date of birth, relationships and family details, occupation, medical conditions related to counselling, prescribed medication, counselling history:- this is basic information that helps me get to know you.
Address, email address, phone number :- I will need this as a way of contacting you regarding your sessions. I will generally use the method you first contacted me on but if I am unable to contact you that way I will try a different method.
Doctors details :-If I have concerns that you were at risk then I may need to contact your doctor, I would always try and discuss this with you in advance if I could.
Will I share your data and if I do who will I share it with and for what purpose?
It is very unlikely I will share your data. I will not sell your data or use it for unethical reasons
I may have to share it if my notes are subpoenaed by court, if you or anyone you tell me about, is at harm or risk of harm I may have to pass this information on to your GP or the police. I have also appointed a Clinical Executor. In the unfortunate event I can no longer work with you they will have access to your details and will get in touch with you. You have a right to request to see, have amended or have destroyed any data I may keep about you. I will respond to any such request
I undertake monthly supervision with another qualified therapist. In order to protect your privacy, my supervisor will not know your name and I will refer to you with a pseudonym verbally when it is helpful to my professional process.
How will I store your data?
• Paper – Written Notes, Contact Sheet, Contract, Assessment Record, Brief Session Notes, GDPR Agreement, Client Code (links documents)
• Telephone- I will store your contact telephone number in a passcode protected smart phone- this allows me to contact you in case or emergencies
• Email/SMS- Your e-mail address and correspondence will be stored in my email account (currently Gmail) by way of you contacting me. This is stored on a password protected laptop and password protected account.
• Website- None of your personal information is stored on my website.
How long will I store your data for and how will I dispose of it?
I’ll keep your session notes, your name and your unique code for 7 years which is the time frame my insurance company requests. I will shred this privacy consent document and your registration/contract form with your personal information on 1 month after we end our work together.
I will delete your phone number from my mobile phone 1 month after our work finishes.
All emails from you will be deleted as soon as they are no longer needed and at least within 1 month of us finishing working together.
If you are not happy with the way I use your data you can complain to ICO at http://www.ico.org.uk
They can also be contacted on :- 0303 123 1113.
Your Rights
You have the following rights:-
1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure ( although I can decline whilst information is needed for my professional practice)
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.
I will provide you with a written copy of the above if we meet and ask that you sign to provide your consent that you agree with my procedures.
Kirsty Anderson 