GDPR and Data Protection Privacy Policy

In order to comply with the General Data Protection Regulations (GDPR), effective from 25th May 2018, your permission is needed for me to record and retain personal contact details, and also other personal information such as notes I keep as a record of our sessions together. 

Personal contact details are held on password protected sites on my laptop and mobile phone, to which no other person has access.

Session notes are kept in a locked briefcase at my home, to which no other person has access. These notes are destroyed after three years, in line with BACP (British Association for Counselling and Psychotherapy) recommendations.

While you are working with me, I hold certain details about you: 

- The basic details I request at the start of our work in my Initial Assessments form.

- Any notes I take to facilitate my own personal understanding of your circumstances.

These notes are exclusively for my own use and held in paper form. I hold them securely until we end our work, whereupon I then destroy all but certain details: Name, when we met, and any concerns I had along the way, which I keep for three years for insurance purposes. 

In extreme circumstances, as detailed under ‘Confidentiality and its limits’ in our contract agreement (e.g. Substantial danger to self/others), it may be necessary for me to share the details I have with the appropriate authorities. Where the law allows, I will always consult you first.

Under Data Protection law, you have the right to:

– access a copy and explanation of their personal data 

– request correction or erasure, in certain circumstances 

– request limiting or ceasing data processing, where applicable 

– compensation for substantial damage or distress caused by data processing, where applicable.