PRIVACY POLICY
Keeping your data private is important to me and I take the requirements of the General Data Protection Regulation (GDPR) very seriously. Your personal data will be kept safe and secure and only used for the purpose for which it is provided. This policy lets you know the personal details I collect from you as a client, and how I store, hold, process and destroy them. Thrive Therapy is registered with the Information Commissioner’s Office (ICO) reference ZB760546.
Collection of Information About You
I collect personal information from you when you make contact with me to enquire about counselling. This information includes contact details, your availability and other relevant personal information.
If you decide to go ahead with counselling we will, during the initial consultation, set out a Counselling Agreement for our work together. I will ask you to sign the agreement before we start work. This agreement covers my commitment to your confidentiality, and the rare circumstances in which information may be shared . I collect the following personal information:
Name and address, Date of Birth, Preferred contact number, email address, emergency contact details, GP contact details, and relevant details regarding your health and any medications.
Sharing of Information
Information about you is collected for the purposes of our work together. I will not share your details with any other person or organisation without your knowledge and permission unless there is a legal requirement to breach confidentiality. If I were concerned about the risk of serious harm to you or someone else I would need to consult with my clinical supervisor to decide the safest way to proceed. I would try to discuss this with you first but there could be a situation where this was not possible.
There are also legal limits to confidentiality. If there was a disclosure of harm to a child or a vulnerable adult, a threat of terrorism, or drug trafficking offence I am obliged by law to break confidentiality and report this to the appropriate authorities. I attend regular supervision in line with the requirements of the British Association for Counselling and Psychotherapy so that my work is regularly monitored by a qualified supervisor. When attending supervision and discussing my client work, I refer to clients only by their first name and any discussions between my supervisor and myself are confidential.
Storage and Security of Personal Details
Your personal details are stored in a locked filing cabinet, accessed only by myself. They are stored separately from any session notes. Each client is allocated a reference number that is noted in a separate password protected document and any further notes are stored under this reference number.
I manage my appointments in my email calendar and you will be referred to within this by your initials. This diary is stored separately from your personal details.
I do not store client names in my phone contacts. I use a password protected professional email account for the receipt of client emails. This email account is separate from my personal email account. For ease of use emails are not sent in an encrypted form unless you request I do so. Email, unless encrypted, is not a fully secure means of communication. Whilst I endeavour to keep my systems and communications protected against viruses and other actions that could negatively impact your privacy, I cannot bear responsibility for all communications from me being free of viruses.
I keep your personal details, texts and emails (both sent and received) for two months after counselling ends for the purposes of administration and in case you decide to return to counselling. Thereafter the information is destroyed. Any case notes will be stored securely for 7 years in line with the British Association of Counselling and Psychotherapy recommendations and will then be destroyed.
Your Rights
In accordance with the General Data Protection Register you have the right to:
Be informed of the information I store about you (as set out in this Privacy Policy)
Ask to see the information that I hold about you within 30 days of requesting and to ask that I rectify any information you deem inaccurate, unnecessary or incomplete. I may decline this request if I need to keep a record to comply with legal requirements
You can also ask me at any time to correct any mistakes there may be in the personal information I hold about you. To make a request for any personal information I may hold about you, please put the request in writing addressing it to sophielanderscounselling@gmail.com. If you have any complaint about how I handle your personal data please do not hesitate to get in touch with me by writing or emailing to the contact details given above. I would welcome any suggestions for improving my data protection procedures. If you want to make a formal complaint about the way I have processed your personal information you can contact the ICO which is the statutory body that oversees data protection law in the UK. For more information go to ico.org.uk/make-a-complaint.
I use Squarespace as the content management system for my website. Like most websites it uses cookies to help the site work more efficiently. No user-specific data is collected by me or any third party.
If you fill in the contact form on my website, that data will be temporarily stored on the web host before being sent to me.
For online sessions I generally use Zoom (security statement here). Each client has a unique Zoom link for sessions; end-to-end encryption is turned on and the waiting room feature is in use, meaning nobody else can join our meetings.