www.psychotherapywithsam.com - Privacy Statement and Data Protection
Your personal information and privacy is important to me and I want to be transparent about how I use and hold your data.
The GDPR (General Data Protection Regulation) states that I must have a lawful basis for processing your personal data. These include:
• If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information
• If you are currently having therapy or if you are in contact with me to consider therapy, I will process your personal data where it is necessary for the performance of our contract.
What data do I keep and why do I need it?
Name and age – this is basic information that helps me get to know you.
Address, email address, phone number – I use this as a way of contacting you regarding your sessions. I will mainly use email to contact you but it is useful for me to have alternative ways of reaching you.
Any email or text conversations we have – These include our initial conversation and any conversations we have between sessions.
Doctors details/Emergency contact – If I was worried that you were at risk then I may need to contact your doctor. Where possible I will always endeavour to tell you I was going to do this. In the unfortunate event that you fall ill in our sessions I might need to contact who you have shared as your emergency contact.
Will I share your data and if I do who will I share it with and for what purpose?
It is very unlikely that I will share your data. I certainly will not sell it on or use it for unethical reasons. I may have to share it if my notes are subpoenaed by court, if you or anyone you tell me about is at harm, or risk of harm. In such incidences I may have to pass this information on to your GP or the police.
In line with the Ethical Guidelines of my professional body, I also have a professional will in place. This means that if something unforeseen should happen to me that prevents me from contacting you directly to tell you I am unable to work, a named trusted colleague will call you in my place. This colleague will also, therefore, securely and confidentially hold your name and contact details for the duration of our work together.
Please note your name may appear on bank statements if you pay via bacs.
How will I store your data?
Your personal data is stored in a password protected file on my laptop.
Your payment information is stored within my online banking platform, which is also password protected.
In order to keep a record of our work together, I will keep brief session notes. These are anonymised and kept in either a password protected file on my password protected laptop or in a locked cabinet.
All information I have relating to our work together, including your contact details, will be kept for the duration of our work and for 7 years after our work has come to an end, in accordance with the requirements of my insurance policy and the British Association for Counselling and Psychotherapy (BACP).
After this time, all information relating to you and our work together will be confidentially destroyed.
You have the right to view the data I hold about you; to make changes to that data; and to ask for it to be deleted or destroyed at any time.
Any such requests should be made in writing and allow 30 days to be processed. I will review and discuss your request with you within this time-frame.
Please note that there may be circumstances in which it is not possible to meet your request due to the requirements of my insurers or professional bodies.