General Information
This privacy policy sets out how I use and protect any information supplied by you during our work together in accordance with General Data Protection Regulation (GDPR).
I am committed to ensuring that your privacy is protected and should I ask you to provide certain information, by which you can be identified you can be assured that it will only be used in accordance with this privacy statement.
I want to ensure that I adhere to UK GDPR according to the Data Protection Act 2018 which is the UK's implementation of the General Data Protection Regulation. More information about GDPR and how this should be applied can be found at www.gov.uk.
I may change this policy at various points in accordance with legislation. If I make material changes to this policy, I will notify you of the update during our sessions, so that you are aware of what information I collect, how I use it, and under what circumstances, if any, I use and/or disclose it.
How your information is collected, processed and stored?
In order to provide you with a counselling service I may collect personal information. This will include:
- Name and address
- Phone number(s)
- GP details
- Next of kin
These will in part either be provided by you when making contact with me, usually by email, phone call or text message, or I may request these directly. I may also write notes about our sessions as an aide memoire together with any forms completed during our sessions where relevant.
I collect this information for the following reasons:
- As part of the counselling contract and business agreement between us.
- For administrative purposes such as changing appointments
- To discuss payments.
- To help with our therapeutic work.
- In case of emergencies.
- To conform with my insurers requirements with regard to keeping notes on our work together. (Please rest assured that the notes are anonymised and held securely for a maximum of 7 years after our work has ended).
In addition, I collect your details to abide by relevant Covid-19 safety guidelines and contact tracing purposes (please see face to face contract details).
Please note, should you choose to pay me by bank transfer, your information will then form part of the bankʼs data over which I do not have any control. You should exercise caution and look at the privacy statement applicable to the banks in question.
How do I keep your information secure?
I am committed to ensuring that your information is safe and secure. I have put in place suitable physical, electronic and managerial procedures to safeguard the information to prevent unauthorised access and disclosures. This includes the use of passwords on electronic devices, anonymising records and locked filing cabinets for paper documents.
How do you give consent?
As previously stated, if you make contact with me enquiring about my services, I will use your data in order to make contact to discuss your needs and possibly to make an initial appointment. By proceeding with contacting me, you are giving me consent for the purpose of this process.
In the event that you decide not to go ahead and work with me, I will ensure that your data is deleted.
During our first meeting I will give you a Privacy Statement and Data Protection form for you to read and complete, which clearly states how your personal data will be used. By signing this form you will consent to your data being used, processed and stored as outlined above.
If you believe that consent has not been given for an activity that utilises your personal data, please contact me immediately stating your concerns.
If you would like to access, correct, amend or delete any personal information I have about you, or you would like to withdraw consent and no longer want me to process your data any more, you are invited to contact me at lindsey@leafcounselling.co.uk or discuss it with me in person.
What are your rights?
In accordance with the GDPR I aim to resolve any ‘individualʼs rightsʼ issues within the statutory time period of 30 days at no cost to the individual.
I endeavour to store legitimate, relevant and accurate information about my clientele. You have the right to request the following:
- Personal data that I have stored
- Change personal data if inaccurate
- Have your data erased (where it does not infringe on me carrying out contractual obligations or other overriding regulations e.g. storage of data for accounting purposes or for legal reasons).
- Removal from a particular process (where it does not infringe on me carrying out contractual obligations or other overriding regulations e.g. storage of data for accounting purposes or for legal reasons).
I will not sell, distribute or lease your personal information to third parties unless required to do so by law.
Please contact me to exercise your rights in any of the areas above or If you believe that any information or requested information on this website contravenes GDPR. Where inaccuracies or inappropriate data issues are identified I will seek to correct these as soon as possible.
Links to other websites
My website may contain links to other websites of interest. I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites as these sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
