Lynn Barnes Counselling (LBC) is committed to complying with the terms of the General Data Protection Regulation (GDPR) made on 27th April 2016 and the GDPR from 25th May 2018, regarding the responsible and secure use of your personal data.
LBC has a legitimate interest in processing personal data to provide psychotherapy and counselling services. The purpose of this statement is to let you know what personal information LBC collects and holds and why this data is collected, how long it is kept for and your rights over your personal data. LBC is registered with the Information Commissioners Office (ICO) reference ZA104842.
When you request counselling with Lynn Barnes Counselling or otherwise provide your personal details, you will be asked to consent to processing of your data under the terms of this policy.
1) What information do I collect?
I collect personal data such as name, address, date of birth, gender, GP details, telephone numbers and e mail address. I also collect any data you give me regarding personal and family background. I collect sensitive data in relation to medical and mental health conditions.
I require this information so that I can decide if it is appropriate for me to offer counselling or psychotherapy services to you.
Website – This is maintained by Webhealer. For clarity in this statement, your details are not stored on their systems for any contact requests made through them.
Cookies – The website www.lynnbarnescounselling.co.uk does not require cookies to function properly.
2) What do I use your information for?
I use information held about you in the following ways:
• To provide clients with the professional counselling/psychotherapy service requested from me.
• To notify clients about changes to appointments and other changes to my services.
• To fulfil my administrative, legal, ethical and contractual obligations as a Psychotherapist.
3) What information do I share?
I will not share any information about you with other organisations or people, except in the following situations:
• Consent – I may share your information with medical professionals or others whom you have requested or agreed I need to contact. I will ask for separate written consent when possible
• Serious harm – I may share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person.
• Compliance with law – I may share your information when I am required to by law or by the regulations and other rules to which I am subject.
4) How do I keep your information safe?
All information you provide to me is stored as securely as possible. I will take all reasonable precautions to prevent the loss, misuse or alteration of information you give me.
All paper forms and correspondence are kept in locked filing cabinets. All electronic records are stored on my own personal computer which is password protected and has security software installed. I also use a cloud-based service to access and backup files.
If emails are sent to you or other parties (with your written consent) then documents attached are password protected to try to prevent unauthorised access. Passwords are provided separately.
Your identifiable personal information is kept separately from any session notes and other descriptive material. Client notes and other documentation are destroyed 3 years after the end of counselling. Paper based records are destroyed using a cross cut shredder.
Whilst I endeavour to keep my systems and communications protected against viruses and other harmful effects, I cannot bear responsibility for all communications being virus free.
Any known data breaches will be reported to the ICO within 72 hours.
When using links on my website to access other organisations such as BACP, UKCP, Facebook or Twitter you should check their privacy policies/notices.
5) Your rights
Under the GDPR, you have the right to:
- Access your personal data
- Rectify, erase or restrict your data
- Object to the processing of your data
- Request transfer of data (data portability)
- Lodge a complaint with Lynn Barnes counselling or the overarching regulator, the Information Commissioner’s Office.
- If you would like to see the information I hold about you, or would like to correct, update or delete any records, please e mail me on [email protected] To understand how to do this you should visit the Information Commissioners Offices website at www.ico.org.uk.
There maybe a legal requirement for me to keep certain information for three years.
You may withdraw your consent for me to hold and process your data at any time. However, if you do this while actively receiving counselling, your counselling would have to end. You can withdraw your consent by stating this on an e mail to [email protected]
If you have any concerns about the way I handle your data, you have the right to contact the Information Commissioners Office (www.ico.org.uk)
6) Changes to this policy
I may edit this policy from time to time. If I, make any substantial changes I will notify you by posting a prominent announcement on my website and in the counselling room.