Your privacy is very important to me. You can be confident that your personal information will be kept safe and secure and will only be used for the purposes it was given to me. I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
This privacy notice tells you what I will do with your personal information from your initial contact to after the end of your therapy. If you have questions about it, you can contact me at marsha@southwarkpsychotherapy.co.uk.
‘Data controller’ is the term used to describe the person/organisation that collects and stores and has responsibility for people’s personal data. In this instance, the data controller is me.
‘Therapy’ is the term used throughout this document to include individual and relationship counselling and psychotherapy.
I am registered with the Information Commissioner’s Office (ICO) which is the statutory body that oversees data protection law in the UK (Registration number: ZA829291).
My postal address is: Southwark Counselling & Psychotherapy, Unit 1, 25a Blue Anchor Lane, London, SE16 3UL.
My phone number is: 07835 259 868.
My email address is: marsha@southwarkpsychotherapy.co.uk.
The GDPR states that I must have a lawful basis for processing your personal data. Depending on the stage of our relationship, my lawful basis will either be the performance of our contract, or legitimate interest as follows:
If you are in contact with me to consider therapy or are currently having therapy with me, I will process your personal data as necessary for the performance of our contract.
If you have had therapy with me and it has now ended, my lawful basis for holding and using your personal information is legitimate interest.
The GDPR also makes sure that I look after any sensitive personal information that you may disclose to me appropriately. This type of information is called ‘special category personal information’. The lawful basis for me processing such data is provision of health treatment (in this case therapy) and necessary for a contract with a health professional (in this case, a contract between me and you).
You can find out more about lawful bases for processing data, and how these are applied here: ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing
When you contact me with an enquiry about my therapy services, I will collect information to help me satisfy your enquiry. This will include your name, phone number and/or email address. Alternatively, your GP or other health professional may send me your details when making a referral, or a parent or trusted individual may give me your details when making an enquiry on your behalf. If you decide not to proceed, I will ensure all your personal data is deleted within three months. If you would like me to delete this information sooner, just let me know.
Everything you discuss with me during therapy sessions is normally held in the strictest confidence, however there are exceptions. For example, I may need to break confidentiality if there is a threat of harm to yourself or to others, if you reveal knowledge of terrorist activity, for reasons of child protection or if a court order is received and a legal obligation arises. Wherever possible, and if it is appropriate to do so, I will speak with you first.
Information I keep on secure record includes:
When you begin therapy, I will assign you a client number. Except for your personal information and signed Therapy Agreement, all information is filed against your client number (not your name) and contains nothing that can be used to identify you.
To contact you in an emergency, I will store your preferred telephone number and email address on a SIM card which is used for therapy business only. This information is saved against your first name and surname initial.
Your contact details will be shared with my Therapeutic Executor, so they can let you know in the event of my death or incapacitation.
For security reasons I do not retain text messages for more than one week. If there is relevant information contained in a text message, I will transfer it to your electronic case notes. Likewise, any email correspondence will be deleted after one week if it is not important. If necessary, email correspondence is kept electronically. If we are in email contact, the information contained within will be accessible by my email hosting provider, Clook. Clook is ISO:27001 (Information Security Management) and ISO:9001 (Quality Management) accredited, and each team member is DBS checked. Their privacy policy is available here: clook.net/legal-documents
I use Zettle to process payments. Their Privacy Policy is available here: zettle.com/gb/legal/privacy-policy
I use Microsoft 365 to manage my business administration. Their Privacy Statement is available here: privacy.microsoft.com/en-gb/privacystatement
When we stop working together, I will keep records for one year from the date of our final contact, after which time electronic records will be erased, and paper records shredded. If you would like me to delete this information sooner, just let me know. I will keep my case notes (which do not contain identifying data) for seven years from the date of our final contact. This is a requirement of my liability insurance in case of complaints or legal claims and is a permitted exception to your right to erasure.
Under the GDPR, you have the following rights:
If you are unhappy with how I handle your personal data please contact me in writing or by email using the contact details above. I welcome any suggestions for improving my data protection procedures.
If you want to make a formal complaint about the way I have processed your personal data you can contact the ICO. See ico.org.uk/make-a-complaint for more information.
When someone visits the Southwark Counselling & Psychotherapy website, I use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. I do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. Neither I nor Google Analytics attempt to find out the identities of those visiting my website.
I use legitimate interest as my lawful basis for holding and using your personal information in this way when you visit my website.
I use Google Analytics so that I can continually improve my service to you. Their Privacy Policy is available here: policies.google.com/privacy
I use WordPress as the content management system for my website. Their Privacy Policy is available here: wordpress.org/about/privacy
Like most websites southwarkpsychotherapy.co.uk uses cookies to help the site work more efficiently. Find out more here: southwarkpsychotherapy.co.uk/cookie-policy
No user-specific data is collected by me or any third party. If you fill in a form on my website, that data will be temporarily stored on the web host before being sent to me.
Privacy Policy | Cookie Policy
© Southwark Counselling & Psychotherapy.
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_DNRB1V7LQE | 2 years | This cookie is installed by Google Analytics. |
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
elementor | never | This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |