top of page

Privacy Policy

​

The General Data Protection Regulation (GDPR) is the most significant piece of privacy and data protection in twenty years. It came into effect on 25th May 2018, and I am required to ensure that I gain data protection and privacy consent from you. Your consent is sought within the therapeutic agreement.

This Privacy Notice explains how I, Gemma Daniel, use and protect any information that you give me when you inquire about and/or use my psychotherapy services. I am registered with the Information Commissioner's Office (ICO) for safe keeping of this information. I understand GDPR practices and abide by them.

I am committed to ensuring that your privacy is protected. Should I ask you to provide certain information by which you can be identified then it will only be used in accordance with this privacy statement.

​

Information I May Collect

You may give me information about you such as, but not limited to: name, address, email, phone number, date of birth, GP contact details, brief information about you and your immediate family member(s) mental health history, family and support structures, medications prescribed and non-prescribed, eating and sleeping patterns, and goals for therapy.

I will record session attendance and a will keep a brief general overview of what was covered in a session.

​

Why is data processed and stored? 

Contractual:
- To manage relationship with you
- To fulfil contract
- To deliver service
- To manage payments

Consent:
- To manage sensitive data as a (UKCP/BACP) healthcare professional

Statutory/Legal:
- To fulfil legal duties
- To keep records
- To ensure safeguarding
- To comply with professional regulations and standards

​

How is data process and stored?

Electronically in accordance with GDPR. Computer storage of all data is password protected.  Mobile phone contact details are held on a password protected mobile device. I will never use your personal data for any purposes other than the administration of the therapy service that I am providing to you i.e. to arrange, cancel and rearrange appointments.  

​

When is data processed and stored? 

- During our contract.
-When it is in your best interest e.g. to fulfil contract.
-When I have a legal duty e.g. safeguarding concerns.
-When it is in my legitimate interest i.e. running business, paying taxes.
-When you consent.

 

How long and why is data kept?

When we have finished our work together your information will be put into archive storage, and subject to restricted processing. Records will be retained in line with my insurance company and governing body policies. This will be no less than seven years but may be kept for much longer and this will depend upon a variety of different factors (e.g. legal rules, insurance requirements, changes to ethical policies, returning clients, etc.). Retention is a legal duty, necessary in case there are legal proceedings or complaints for which documentation is required. Records will be disposed of/deleted securely according to legal requirement.

 

Disclosure of your information

Any information I record about you is confidential and collected in order to carry out my professional and contractual obligations during our therapeutic relationship.

I maintain confidentiality in accordance with the UK Council for Psychotherapy (UKCP) and British Association for Counselling and Psychotherapy (BACP) Ethical principles and code of Professional Conduct – this can be viewed at https://www.psychotherapy.org.uk/registers-standards/standards-guidance-and-policies

If I have safeguarding concerns regarding either yourself, children, or other people that you are in contact with, I may need to share this information with other agencies. I will look to gain your consent if these situations arise, but I retain the right to break confidentiality without prior consultation with you, should I consider that the urgency of the situation requires me to act immediately to safeguard the physical safety of yourself or others.

I am obliged to share information if the courts order me to do so. Your consent will be sought where possible, and in writing. I have a legal obligation to report any information that relates to terrorism, money laundering and radicalisation.

 

Access to information

You can request access to the personal information that I hold about you, and you can transfer that information to a third party if you wish. I will provide this, except in the limited circumstances in which I am permitted not to. You may request amendments to the personal information that I hold about you that is inaccurate or out-of-date. If you request that I delete your personal information, I will take all reasonable steps to do so unless I need to keep it for legal, auditing or internal business purposes.

 

For children and young people

In addition to the above, the information that you provide is used for the purposes of assessing your child’s needs and for providing a counselling or psychotherapy service to them. Some non-identifiable information may be shared with my supervisor who will provide professional advice and feedback to me. This will be done anonymously so you and your child will not be identified from this process. I will securely store the information acquired from the counselling or psychotherapy sessions in a locked filing cabinet/be password protected. It will be kept for no less than seven years post turning 18-years old but may be kept for much longer and this will depend upon a variety of different factors (e.g. legal rules, insurance requirements, changes to ethical policies, returning clients, etc.). 

​

I may need to request further information from your child’s GP or from another professional or third party so I can act in the best interests of the child.

​

On exceptional occasions, it may be necessary for me to share the information that you or your child have disclosed with further individuals or organisations. Reasons for doing this include, but are not limited to:

  • as part of my duty to protect a child, a vulnerable adult, yourself or the public

  • for the prevention and detection of a crime

  • if I am required to do so by a court of law

​

Contact

Complaints, questions, comments and access requests should be addressed to Gemma Daniel at gemma@riseandroot.net.

You can also refer to the Information Commissioner’s Office website at https://ico.org.uk/. Their website explains your rights in relation to the information we hold. You can also contact them for any further questions or support.

bottom of page