This privacy policy outlines how your personal information is collected, stored, and shared by me in line with General Data Protection Regulations (GDPR) (2018). I work with clients and *supervisees and in each case, we will discuss GDPR and our counselling or supervision contract in our first session which we will sign to indicate our agreement should we choose to work together.
What information do I collect and why? My assessment form requests your name, address, **date of birth, telephone number, email address, GP details or emergency contact and medical information relevant to counselling, as well as a counselling history. This is so that I can provide you with a counselling/supervision service. Your telephone and email address are collected so I can contact you regarding your sessions, forward you a contract or invoice you for a session. Your name, address, GP, or emergency contact details are in case of emergency (see emergencies below).
What information do I store and how do I keep it secure? I keep brief paper notes following sessions which I anonymise with a unique client identifying code along with any outcome measures. These notes are locked securely in a cabinet and separated from your assessment form which is also locked securely. I will store your mobile number in a separate business-related mobile phone which is passcode protected and allows me to make contact in case of emergencies. Your email address will be stored in my work computer under a separate work email account. I also have the following in place to ensure data is secure:
~ My computer is password protected. ~ Client notes and outcome measures are separated from assessment details and locked securely away. ~ E-mail messages and text messages are regularly deleted unless relevant to sessions. ~ I have a separate mobile phone for business also password protected.
Therapeutic Will Your name and contact details shall be shared with my Therapeutic Executor. This is so that in the event of my death you can be contacted if you are still having sessions with me.
Emergencies. If your health is at risk and with consent, I may share your contact details with your GP or emergency services.
The right to access and be forgotten. You have the right to ask to see the information that I hold about you and rectify any inaccurate or incomplete personal information held as well as to withdraw consent to me using your personal information at any time. You have the right to request that any information I hold be erased. (exceptions are if the information is needed to be retained for insurance or legal obligation).
Erasing your data Once we finish our work together, I shall erase the electronic copies of the data and correspondence that I hold within 4 weeks. Written and printed data will be kept for up to seven years as recommended by my professional body and insurers. After this time all data will be securely destroyed.
Complaints Any complaints should be addressed to the BACP; however, I hope that to prevent escalation we are able to establish open communication so that you feel able to raise any concerns within our sessions.
*Supervisees you will be offered a separate supervisee contract advising our responsibilities of working together and my confidentiality policy which includes details of my consultative supervision. ** I will not request your date of birth. I will ask for details of your modality, agency work and or private practice. For student counsellors I will ask for your training establishments should we need to collaborate e.g., for report writing.