Privacy Notice – Counselling Services

This Privacy Notice explains how I collect, use, store and protect your personal information in accordance with

the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and my professional

obligations as a BACP Accredited counsellor.

I am registered with the Information Commissioner’s Office (ICO), Registration Number: ZA771240

What information I collect

To provide counselling services, I collect personal information including:

● Your name

● Postal address

● Date of birth

● Telephone number

● Email address

● GP details

● Relevant medical information (where appropriate)

● Emergency contact details (where appropriate)

During our therapeutic relationship, I may also record:

● Assessment information

● Brief factual counselling notes

● Information you choose to share regarding your presenting concerns, personal, family, social and professional history

● Information relating to risk, safeguarding or referrals

● Administrative information, including appointments, cancellations, payments and agreed actions

To help protect your confidentiality, you will be allocated a unique identifying code. Wherever practicable, your identifying information is stored separately from your counselling records.

Why I collect your information

Your personal information is collected for the purpose of:

● Providing safe and effective counselling

● Maintaining appropriate clinical records

● Meeting legal, ethical and insurance requirements

● Communicating with you regarding appointments

● Maintaining accurate financial records where required by law

Lawful basis for processing

I process your personal information under the lawful basis of Contract, as it is necessary to provide the

counselling services we have agreed.

As counselling involves information relating to health, I also process special category data in accordance with UK

GDPR provisions relating to the provision of health care and the management of health services, together with

my professional and legal obligations.

Confidentiality

Everything discussed within counselling is treated as confidential.

There are, however, circumstances in which confidentiality may need to be limited. These include:

● Where disclosure is required by law or a court order.

● Where there is a serious risk of harm to yourself or another person.

● Where safeguarding concerns arise involving a child or an adult at risk.

● Where disclosure is necessary to fulfil my legal, professional or ethical responsibilities under the BACP

Ethical Framework.

Wherever possible, I will discuss any proposed disclosure with you before information is shared.Professional Supervision

As part of my professional practice, I receive regular clinical supervision.

Information discussed with my supervisor is anonymised wherever possible. My supervisor is also bound by

professional confidentiality and data protection obligations.

In exceptional circumstances, I may provide my supervisor with your contact details solely so that you can be

informed if I become unexpectedly unable to continue providing counselling.

Storage and security

Your personal information is stored securely using password-protected electronic systems and, where applicable, locked paper files.

Where practicable, identifying information is stored separately from counselling records.

Appropriate technical and organisational measures are in place to protect your personal information against unauthorised access, loss, misuse or disclosure.

Record of contact

Your contact details may be stored on my work mobile phone for the duration of our counselling relationship.

Text messages and emails are retained only for as long as they remain relevant to the administration of your counselling, after which they are securely deleted in accordance with my record retention procedures.

Sharing information

Your personal information will not normally be shared with anyone else.

Information may only be shared where:

● You have given your explicit consent.

● There is a legal obligation to disclose information.

● There is an overriding ethical duty to protect you or another person from serious harm.

● Disclosure is necessary to comply with professional or regulatory requirements.

Only the minimum necessary information will be shared.

Retention of records

Counselling records are retained for 7 years from the end of the counselling relationship, in accordance with professional guidance, insurance requirements and my legal obligations.

When records are no longer required, they will be securely destroyed.

Your rights

Under UK data protection legislation, you have the right to:

● Request access to the personal information I hold about you.

● Request correction of inaccurate or incomplete information.

● Request restriction of processing in certain circumstances.

● Object to processing where applicable.

● Request erasure of your personal information where this is legally appropriate.

● Lodge a complaint with the Information Commissioner’s Office (ICO).

Requests should be made in writing. I will respond within the timescales required by data protection legislation.

Data breaches

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, I will act in accordance with my legal obligations. This includes notifying the Information Commissioner’s Office where required and informing you if the breach is likely to result in a high risk to your rights and freedoms.

Questions or complaints

If you have any questions about how your personal information is handled, please discuss these with me in the first instance.

If you remain dissatisfied, you have the right to complain to the Information Commissioner’s Office.

Information Commissioner’s Office

Website: www.ico.org.uk instrument such as a court order.

This personal information will be held securely for a period of 3 years from the date of your final attended counselling session. Where it is necessary to retain this personal information for a longer period, due to any issues arising out of the work, it will be held for 7 years from the date of your final attended counselling session.

Under normal circumstances all counsellors have Clinical Supervision once a month and only your first name and age will be used. All supervisors used by me are ICO Registered and GDPR Compliant. Your contact details alone will be shared, in exceptional circumstances, with my Supervisor so that if I am incapacitated you can be contacted to explain the situation.  

Information about counselling sessions and our work together
Notes may be kept about each therapy session under your unique identifying code. These notes will be brief and a factual record of the session. This set of notes will include any agreements made with you e.g. cancelled sessions, holidays, changes to appointment times or location, appointments with other professionals e.g. your GP or hospital. If there is a need to speak and write to your GP this will also be noted and dated on these notes. These notes may be shared with a supervisor or Counselling professional body.  Information from these notes may be made available to legitimate third parties under the following conditions:

• Receipt of a request from you and where the release of the notes is not judged by the counsellor as likely to cause you significant harm or harm to another person, or to breach the other person’s right to anonymity

• Where there is a specific legal requirement for me to do so

• Where there is an ethical duty for me to do so e.g. to avoid serious harm to yourself or another person, including the safeguarding of children or vulnerable adults


Record of contact between us
Your contact details may be held on my work mobile phone until the counselling relationship ends at which point it will be deleted from the contact list. Texts are held only whilst they are relevant e.g. in connection with your appointments.

 
Your rights
You have the right to ask to see information held by me about you. To do this please contact me or submit a request in writing. You also have the right to ask that information which you believe to be incorrect is rectified. You will be provided with the information requested within 4 weeks. If your personal information may have accidentally or maliciously been obtained by a third-party I will notify you within three working days, if this is feasible. If you are concerned about the way that your information is being held please discuss it with me. If you are still unhappy you have the right to complain to the Information Commissioner’s Office www.ico.org.uk

I confirm that I am registered with the ICO.


Privacy Notice – Clinical Supervision

This Privacy Notice explains how I collect, use, store and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and my professional obligations as a counselling supervisor.

I am registered with the Information Commissioner’s Office (ICO), Registration Number: ZA771240

What information I collect

To provide clinical supervision, I collect personal information including:
● Your name
● Postal address
● Telephone number
● Email address
● Professional registration (where applicable)
● Placement or employer details (where relevant)
● Emergency contact details (where appropriate)

During our supervisory relationship, I may also record:
● Dates and times of supervision sessions
● Brief factual supervision notes
● Professional development goals
● Information relating to ethical issues, safeguarding or professional practice
● Administrative information such as cancellations, payments and agreed actions.
Where client work is discussed during supervision, supervisees are expected to anonymise all client information wherever possible.


Why I collect your information

Your information is collected solely for the purpose of:
● Providing professional clinical supervision
● Maintaining appropriate professional records
● Meeting legal, ethical and insurance requirements
● Communicating with you regarding supervision appointments
● Maintaining accurate financial records where required by law.

Lawful Basis for Processing

I process your personal information under the lawful basis of Contract, as the information is necessary to provide the supervision services we have agreed.
Where necessary, I may also process information to comply with my legal obligations, or where there is a legitimate interest in maintaining safe and ethical professional practice.


Confidentiality

Everything discussed within supervision is treated as confidential. However, confidentiality may be limited where:
● disclosure is required by law or court order;
● there is a serious risk of harm to yourself or another person;
● safeguarding concerns arise involving a child or vulnerable adult;
● disclosure is necessary to fulfil my professional or ethical responsibilities under the BACP Ethical Framework.

Where possible, any disclosure will be discussed with you before information is shared.

Professional Supervision

As part of my own professional practice, I receive regular clinical supervision.
Information discussed with my supervisor will relate to my supervisory work and will be anonymised wherever possible. My supervisor is also bound by professional confidentiality and data protection requirements.

Storage and Security

Your personal information is stored securely using password-protected electronic systems and, where applicable, locked paper files.

Identifying information is kept separately from supervision notes wherever practicable.

Appropriate technical and organisational measures are used to protect your personal information against unauthorised access, loss, misuse or disclosure.

Online Supervision

Where supervision is conducted using Google Meet, both parties are responsible for ensuring they access sessions from a private and confidential environment.
Sessions are not recorded by either party unless agreed in writing beforehand.

Sharing Information

Your personal information will not normally be shared with anyone else.
Information may only be shared where:
● you have given your explicit consent;
● there is a legal obligation to disclose;
● there is an overriding ethical duty to protect someone from serious harm;
● disclosure is necessary to comply with professional or regulatory requirements.

Only the minimum necessary information will be disclosed.

Retention of Records

Supervision records are retained for 7 years from the end of the supervision relationship, in accordance with professional guidance, legal obligations and insurance requirements.

When records are no longer required, they will be securely destroyed.

Your Rights

Under UK data protection legislation, you have the right to:
● request access to the personal information I hold about you;
● request correction of inaccurate information;
● request restriction of processing in certain circumstances;
● object to processing where applicable;
● request erasure where legally appropriate;
● lodge a complaint with the Information Commissioner’s Office (ICO).
Requests should be made in writing and I will respond within the timescales required by data protection legislation

Data Breaches

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, I will act in accordance with my legal obligations, including notifying the Information Commissioner’s Office where required and informing you if the breach is likely to result in a high risk to you.

Questions or Complaints

If you have any questions about how your information is handled, please discuss these with me in the first instance.

If you remain dissatisfied, you have the right to contact the Information Commissioner’s Office.

Information Commissioner’s Office
Website: www.ico.org.uk