I am committed to ensuring that your privacy is protected, and that any information you provide will only be used for the purpose it was given to me for. I adhere to current data protection legislation and am registered with the Information Commissioners’ Office (ICO).
What data I keep and why
Under General Data Protection Regulation (GDPR) 2018 I must have a ‘lawful basis’ for holding your personal data. This is because I am providing you with a service and I need certain information to provide that service.
I keep your name, date of birth, email, mobile, GP details, and next-of-kin. These details are kept on file in a locked filing cabinet. I also keep your phone number and email address on my phone, which is only accessed by me and is password protected.
I keep brief session notes about our work together, which are anonymised. This is to aid continuity between sessions and to frame any discussion I might have with my supervisor. No one else will read these notes and they are stored securely.
The storing and destruction of your data
Your session notes, contact information and privacy agreement will be kept for 7 years. Some clients return to therapy after several years and it can be useful for me to have that documentation. After 7 years, this paperwork will be shredded. If you would prefer me not to retain your data, let me know and I will destroy it as soon as therapy has ended.
Any electronic communication between us by email or text will be deleted as soon as the information is no longer needed. For example, if you text me to schedule an appointment I will delete the text once that session has taken place.
Sharing of data
Your data will not be shared with a third party except: