Privacy Policy
This document sets out the ways in which I will collect, process and store your personal information. It will also inform you of my obligation as the data controller to keep your personal information safe, my reasons for storing your personal information, how long I am obliged to keep your personal information for and your rights under the General Data Protection Regulation (GDPR)[1]. You can find out more about the GDPR on the website of the Information Commissioner’s Office (ico.org.uk).
Website Privacy Notice
Cookies will be used, and personal information may be collected, when using my website rebeccacappercounselling.co.uk. This may include the IP address of the computer or internet enabled device you are using to view the website. The information collected will be used to improve the user experience and analyse the use of this website. This may involve the use of services and analytical tools provided by third party software providers, and may result in the transfer of personal information outside of the European Union. By using this website, you are consenting to the use of your data in this way.
Counselling Privacy Notice
I will need to obtain personal information in order to be able to provide you with counselling. The therapeutic relationship relies on trust, and I therefore place great importance on keeping your personal information as safe as possible. I will only ask you for personal information I need to provide you with counselling, only keep it for as long as I need it to meet my legal and professional obligations and take reasonable steps to ensure your personal information is safely stored.
What information will I collect?
Personal Information:
-
First Name and Family name
-
Marital status*
-
Address
-
Email address
-
Telephone Number
-
Date of birth
-
Name and contact details of the GP with whom you are registered
Sensitive personal Information
-
Gender*
-
Religious or cultural beliefs*
-
Sexuality*
-
Physical and mental health details
-
Personal and family history
*This information is not routinely collected and will only be recorded and retained where it is relevant to the counselling process.
What will I use this information for?
-
To maintain records.
-
To respond to any enquiries you might make regarding appointments.
-
To safeguard you and others you know.
-
For me to fulfil my responsibilities as a counsellor.
Where does the information I hold come from?
-
All information I hold comes directly from you, given either verbally or in writing.
Who will this information be shared with?
-
Our work together is confidential, however there are some exceptional circumstances where I may be obliged to share your information. These circumstances are as follows: If you disclose serious intent to harm yourself or another, disclosure of serious criminal activity, my notes are required by a court of law. Under these circumstances your personal information could be shared with your GP, the police or a court of law.
-
Anonymised clinical material may be shared with my supervisor, who is GDPR compliant, during supervision.
-
Your personal information will never be shared with third parties for marketing purposes. If I believe you would benefit from a referral to another service or product, I will discuss this with you and seek your consent before passing any personal information onto the relevant provider.
-
In the event of my death or severe incapacitation your name and contact information will be shared with my clinical executors for the sole purpose of informing you in a safe, ethical manner.
How will this information be stored?
-
After the initial appointment, you will be allocated a reference number which is stored with your name and contact details in a password protected file on my encrypted hard drive. This information may also be stored in encrypted form on a secure, online server (which may result in your personal information being transferred and held outside the EEA). Other personal details collected during the initial appointment are filed separately, under your allocated number in a locked filing cabinet. These notes will be stored for the duration of our work together and for up to seven years after the work is completed.
-
Your telephone number. This will be stored under your initials on my password protected mobile phone to be used in the event that I should need to contact you regarding appointments. This information will be deleted once our work together ends.
-
Clinical case notes. I keep brief notes summarising the theme of each session and recording the date and session number. This is in accordance with the BACP code of ethics and to fulfil the obligations placed upon me by my insurance company. These notes are stored under your case number on my encrypted hard drive and on online secure servers. These notes will be stored for the duration of our work together and for a maximum of seven years after the work is completed.
-
Email, voicemail and text sent by you to me will be deleted once they have been read and actioned. These will either be received on my password protected mobile phone or on my encrypted hard drive.
-
Online Video Appointments. Online video appointments take place on an end to end encrypted platform. Data from these appointments is not stored by me or the platform provider. Sessions will not be recorded by me without gaining explicit, separate consent from you.
Corrections and concerns
-
If you are concerned that the information I hold about you is incorrect or out of date, please contact me and I will seek to resolve your concern.
-
If you wish me to delete your personal information please send me a request in writing and I will take reasonable steps to do this, unless I am obliged to keep it for legal reasons or to comply with my professional obligations.
-
You have a right to ask for a copy of your personal information, free of charge, in electronic or paper format.
What will happen in the event of a data breach?
If for any reason your personal information is disclosed, I will inform you in writing of the nature of the disclosure and I will inform the Information Commissioners Office (ICO) within 72 hours of discovery of the breach. I will work to minimise and resolve the breach as quickly as possible.