Your Privacy is important to me and I am committed to being a good custodian of your personal information. To do this I work within current legislation, I follow the requirements of my insurers and I also follow the Ethical framework of the BACP.
Information about you
In order to work ethically as a counsellor, I will need to collect and store personal information about you. This may include your name, address, date of birth, contact details, and our emails to and from each other. The information about you will be saved under a client code in a locked file.
Your contact details will be used to contact you and confirm your identity.
When we begin to work together, I collect emergency contact details and details of your GP. I keep this data in a secure file along with your name and contact details. It is unlikely that I would ever use this information, but I hold it in case I become concerned for your welfare. You may also feel that it is relevant to share medical information that could impact our sessions. Again, this information will be held securely in a locked file.
At the end of each of our counselling sessions I will be making brief, factual notes. These notes will also be saved under a client code in a locked file.
To work within the Ethical Framework of the BACP counsellors are required to attend regular counselling supervision. The purposes of supervision are to maintain professional standards and aid the counsellor’s development. In supervision anonymised client information will be shared when I discuss my caseload. No identifiable information is shared as part of this process.
I am required by law to retain certain financial information, primarily for tax purposes, and as advised by HMRC this is retained for seven years. Payments you make are input into a spreadsheet referenced by your client code. Payment by bank transfer will be processed by my bank. Any bank statement showing any identifiable details about you is kept in a locked file. If this needs to be submitted for tax reasons I block out any identifiable details. Banking transactions may be viewed by employees of the bank, my accountant and HMRC tax officers who will all have their own GDPR policies.
I have a separate mobile phone which is used for business purposes. This phone is passcode protected and it is not used by anyone else. I use phone to call clients and sometimes to send text messages. The phone is a smart phone and could have your texts on it. I do not store any names or contact details on this phone, and I delete all the texts after a period of time.
Information received via my website contact form will be collected, stored securely and used to contact you in response to your enquiry. The website may collect your IP address, email address, computer and connection information. The website may use software tools to measure and collect session information, including page response times and length of visits to certain pages.
Time limits for keeping records
Your information will be stored for up to 7 years after our counselling relationship has completed. After the retention period is over, all records will be shredded or electronically deleted.
Sharing your information
I will not share your information with any third parties unless
• I receive a request from you or your representative, and where the release of that information is not judged by my as likely to cause significant harm
• Where there is a specific legal requirement to do so
• Where there is an ethical or legal duty to do so in order to avoid serious harm.
Access to your information
Under the GDPR and the Data Protection Act (2018) you have the right to ask to see any information held by me about you. You also have the right to ask me to rectify any information which you believe to be incorrect. If you would like to exercise your rights under this legislation, please contact me with details of your request. You can read more about your rights at ico.org.uk/your-data-matters.
If you have a complaint about how I handle your personal data please do not hesitate to get in touch by email at firstname.lastname@example.org If you want to make a formal complaint about the way I have processed your personal information you can contact the ICO. This is the statutory body that oversees data protection law in the UK. For further information contact https://ico.org.uk/make-a-complaint/
If you have any concerns or questions about this policy or anything contained within it, please contact me to discuss this further.
Informed consent and agreement
Before we commence our sessions together, please sign and return this agreement to confirm you are happy with the way your personal information is being collected, stored and used.