Client Privacy Notice
Your privacy is very important to me, and you can be confident that your personal information will be kept safe and secure and will only be used for the purpose it was given to me. I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003. This privacy notice tells you what I will do with your personal information from initial point of contact through to after your therapy has ended. Information regarding the collection of data via my website is included at the end of the policy.
I am happy to chat through any questions you might have about my data protection policy, and you can contact me via my email: hello@belindabennetts.co.uk
‘Data controller’ is the term used to describe the person/ organisation that collects and stores and has responsibility for people’s personal data. In this instance, the data controller is me and I am registered with the Information Commissioner’s Office.
1: My lawful basis for holding and using your personal information:
The GDPR states that I must have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which I am processing your data. I have explained these below:
- If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information.
- If you are currently having therapy or if you are in contact with me to consider therapy, I will process your personal data where it is necessary for the performance of our contract.
- The GDPR also makes sure that I look after any sensitive personal information that you may disclose to me appropriately. This type of information is called ‘special category personal information’. The lawful basis for me processing any special categories of personal information is that it is for provision of health treatment (in this case counselling) and necessary for a contract with a health professional (in this case, a contract between me and you).
2 How I use your information.
Initial contact
2.1 When you contact me with an enquiry about my counselling services, I will collect information to help me satisfy your enquiry. This will include your phone number and email address, and information related to your presenting issue that you send to me. Alternatively, your GP or other health professional may send me your details when making a referral.
2.2 If you decide not to proceed, I will ensure all your personal data is deleted within one month. If you would like me to delete this information sooner, just let me know.
While you are accessing counselling.
2.3 Everything you discuss with me is confidential. That confidentiality will only be broken if there is risk of harm to yourself or others or disclosure of illegal activities. I will always try to speak to you about this first, unless there are safeguarding issues that prevent this.
2.4 I will keep a record of your personal details to help the counselling services run smoothly. These details are kept securely on my work laptop and are not shared with any third party. I will keep written notes of each session, these are kept in a locked filing cabinet in my home.
2.5 For security reasons I do not retain text messages for more than 48 hours. If there is relevant information contained in a text message, I will write it down and place it with your notes in locked filing cabinet. Likewise, any email correspondence will be deleted after 48 hours if it is not important. If necessary, I will print relevant information and store it with your notes.
After counselling has ended.
2.6 Once counselling has ended your records will be kept for 5 years from the end of our contact with each other and are then securely destroyed. If you want me to delete your information sooner than this, please tell me.
2.7 I try to be as open as I can be in terms of giving people access to their personal information. You have a right to ask me to delete your personal information, to limit how I use your personal information, or to stop processing your personal information. You also have a right to ask for a copy of any information that I hold about you and to object to the use of your personal data in some circumstances. You can read more about your rights at ico.org.uk/your-data-matters.
3: Visitors to my website
3.1 This section sets out the basis on which any personal data collected from you, or that you provide, will be processed via this website.
4: Collation of Information
4.1 Information that you provide by filling in the contact page on my website. This information may include your name, email address, phone number and IP address.
4.2 If you contact me by letter or email, records of the correspondence may be kept.
4.3 Details of your visits to my site including, but not limited to, traffic data and location data.
5: Where I store your personal data
5.1 Personal data collected via the contact form through this site will be sent securely to my email address. This is a password protected account hosted by Hostcat Web Design that offers standard encryption (TLS) and is also subject to its own privacy policies. Your email address is stored on the account and is only accessible by me. These details will be deleted from the account when they are no longer deemed relevant.
5.2 By submitting your personal data, you agree to this transfer, storing and processing. I will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
6: Uses made of this information
6.1 To provide you with information that you request from me where you have consented to be contacted for such purposes.
6.2 To carry out my obligations arising from any contracts entered into between you and myself.
7: Disclosure of your information
7.1 I do not, nor does Hostcat (my website host) , share or sell your personal information submitted on this website with a third party.
8: IP Addresses and Cookies
8.1 I may collect information about your computer including where available your IP address, operating system and browser type, for statistical purposes. This is statistical data about visitors’ browsing actions and patterns and does not identify any individual. You may opt out of cookies.
9: Changes to my privacy policy
9.1 Any changes to this privacy policy in the future will be posted on this page.
This website, https://www.belindabennetts.co.uk, is SSL compliant.
Any questions regarding this Policy and my privacy practices should be sent via the contact page.
*** If you follow a link to any websites via my site, please note that these other websites have their own privacy policies and that I do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. ***