Your privacy matters.
The General Data Protection Regulations, GDPR, came into effect on 25th May 2018. In accordance with these regulations, this policy outlines my procedures for collecting, storing and processing personal information (data). Personal data refers to any detail about a living individual that can be used on its own, or with other data, to identify that individual.
The aims of GDPR, known as ‘data protection principles’, ensure that all personal data is:
Used fairly and lawfully
Used for limited and specifically stated purposes
Used in a way that is adequate, relevant and not excessive
Kept for no longer than necessary
Kept safe and secure
Not transferred outside the European Economic Area (EEA) without adequate protection.
GDPR legislation is relevant to all workforce sectors. Data storage processes should be thought of as living things and reviewed regularly.
Data protection policy.
As an independent psychotherapist, I am responsible for taking the lead on compliance, personal data, information and procedures, dealing with both internal and external access requests, and how the information collected is used.
I never pass any of your information on to other parties without your express permission. I never, and will never, sell any details.
Unless there is a life-threatening emergency or safeguarding issue, as a professional and ethical practitioner I will always inform you and seek your consent throughout our therapeutic work together.
If held on paper, information is stored in a locked filing cabinet; if electronic, files and folders are password protected.
I will keep you informed of any changes or updates regarding how much information I must retain, and for how long. I will be responsive to any new information or tools.
I hope this information is helpful and clear. If you have any questions or concerns, please don’t hesitate to contact me.