Privacy Statement
It is a legal requirement under the UK GDPR ( UK General Data Protection Regulation ) for your counsellor/psychotherapist/supervisor to make clear to you their data processing procedure. Most importantly the UK GDPR made it a legal requirement for you to actively opt in and consent to these arrangements and the handling of your data.
I abide by the UK General Data Protection Regulation (UK GDPR) and am the registered data controller and processor for PatriciaMorrisCounselling (pmc). You can find out more about the UK GDPR from the ICO (Information Commissioner’s Office - https://ico.org.uk/ ). Under the UK GDPR the practitioner needs to make clients and supervisees aware of the following :
Reason for collecting Personal Data/Information
I collect relevant personal information from clients and supervisees to enable a working record of contact information, in case of emergencies (explained below) and for the ongoing work in the therapeutic or supervisory relationship.
Confidentiality – Will my Counsellor/Psychotherapist or Supervisor share my Data?
I am bound by the BACP Ethical Framework for the Counselling Professions, and also the BACP Ethical Framework for the Counselling Professions Supplementary Guidance: Working Online (GPiA 047). and provide confidentiality within these guidelines.
Our sessions are strictly confidential, and the contents will not be disclosed beyond good practice guidelines. These guidelines dictate the following exceptions to the confidentiality rule .........
How will my Counsellor/Psychotherapist or Supervisor store personal data and for how long?
• Personal data pertaining to our sessions and work together will be as minimal as is possible and will be stored under a coded client ID, password protected, and encrypted. Any handwritten information will be coded and stored under lock and key. Personal data/records of our sessions will be kept for up to 7 years after our work together has ended. Your personal data will be disposed of by wiping the electronic files and shredding any handwritten information. You can also request (in writing) that this data is destroyed : during our contact, once our work together ends, or at any time thereafter.
• Your telephone number will be coded by your initials and ID numbers/letters plus an icon to indicate purpose of contact (ie, client, supervisee). Your telephone number will be stored only for contact purposes, until such time as our contact ceases. Then it will be completely deleted.
Your rights under UK GDPR
You have the right to request access to your client record and receive an explanation of what is held within it.
You have the right to withdraw consent, to request erasure or correction of your client record, to request portability where it applies in law, and to object to or restrict collection and processing of your data.
You have the right to know the source/s of personal data not originating from yourself, and the right to not receive unsolicited marketing.
You have the right to be made aware of any companies automatic decision making processes (e.g, profiling) and any significance and consequence for yourself.
You will be made aware of any data breaches within 72 hours. You will be compensated for any damage or distress caused by the data breach.
You have the right to complain to the ICO (Information Commissioners Office) if you are unhappy with the data processing arrangements, and to engage representation from a not-for-profit body in doing so.
To summarise :
Any working contract shall be construed and governed in all respects in accordance with the laws of England and Wales and any dispute or differences in relation to this agreement shall be subject to the exclusive jurisdiction of the English Courts.
A note about external factors
Please protect your confidentiality when identifying yourself as the sender of payment. Your privacy within BACS and Paypal is beyond my control, apart from the secure account login details I hold.
Links to other websites - My website may contain links to other websites of interest or additional support. However, once you have used these links to leave this site, you should note that I do not have any control over those other websites or the privacy and protection of information you are provided with whilst visiting those websites. Other sites may or may not have their own privacy policy and are not governed by this privacy policy.
General Email - Please be aware that general email is not secure. Using Protonmail (which this service uses) or a similar 'end to end encrypted' email provider, offers security. Protonmail can be downloaded from the Web or in an App and is very easy to install and use. If you choose to email this service from an insecure email address you may like to protect your privacy by limiting content.
Social Media Policy and Working Online
This Privacy Statement is subject to change as circumstances and the Law demand - Please check it periodically to reassure yourself.
I abide by the UK General Data Protection Regulation (UK GDPR) and am the registered data controller and processor for PatriciaMorrisCounselling (pmc). You can find out more about the UK GDPR from the ICO (Information Commissioner’s Office - https://ico.org.uk/ ). Under the UK GDPR the practitioner needs to make clients and supervisees aware of the following :
Reason for collecting Personal Data/Information
I collect relevant personal information from clients and supervisees to enable a working record of contact information, in case of emergencies (explained below) and for the ongoing work in the therapeutic or supervisory relationship.
Confidentiality – Will my Counsellor/Psychotherapist or Supervisor share my Data?
I am bound by the BACP Ethical Framework for the Counselling Professions, and also the BACP Ethical Framework for the Counselling Professions Supplementary Guidance: Working Online (GPiA 047). and provide confidentiality within these guidelines.
Our sessions are strictly confidential, and the contents will not be disclosed beyond good practice guidelines. These guidelines dictate the following exceptions to the confidentiality rule .........
- I am required by the British Association for Counselling and Psychotherapy (BACP) to engage in regular supervision, which is a minimum of 1.5 hours per month. You may be discussed during the supervision; however your identity will remain anonymous. Clinical supervision is in place to ensure that your counsellor/psychotherapist/supervisor is working ethically and safely, and to ensure that you receive the best practice. I abide by the BACP Ethical Framework for the Counselling Professions. More details about this can be found at BACP Ethical Framework for the Counselling Professions, and also the BACP Ethical Framework for the Counselling Professions Supplementary Guidance: Working Online (GPiA 047).
- Counsellors/psychotherapists/supervisors are required to break confidentiality if they assess you are a risk of harm to yourself or to others. If at all possible they would always discuss a potential breach of confidentiality with you in advance. They would break confidentiality only to the relevant persons or authorities for the purpose of assisting your well being or the safety of others - If at any point during the counselling you were in need of emergency, medical, or additional support, I may ask for your consent to contact your GP or other appropriate services. - If at any point during the counselling you reveal intent to cause risk of harm to others, all counsellors are then legally bound to make disclosure to authorities.
- Under the UK GDPR the counsellor/psychotherapist/supervisor also has a legal requirement to disclose data if you are involved in drug money laundering, planning terrorist’s offences or if a Court Order has been made.
- With regard to online counselling via email, text/message, and webcam, the police and other authorities can ask for access to an individual’s email account or synchronous messaging account where there is suspicion of illegal or terrorist activities. They can also ask counsellors/psychotherapists for access to stored records. Counsellors/psychotherapists are not able to guarantee confidentiality in these circumstances.
How will my Counsellor/Psychotherapist or Supervisor store personal data and for how long?
• Personal data pertaining to our sessions and work together will be as minimal as is possible and will be stored under a coded client ID, password protected, and encrypted. Any handwritten information will be coded and stored under lock and key. Personal data/records of our sessions will be kept for up to 7 years after our work together has ended. Your personal data will be disposed of by wiping the electronic files and shredding any handwritten information. You can also request (in writing) that this data is destroyed : during our contact, once our work together ends, or at any time thereafter.
• Your telephone number will be coded by your initials and ID numbers/letters plus an icon to indicate purpose of contact (ie, client, supervisee). Your telephone number will be stored only for contact purposes, until such time as our contact ceases. Then it will be completely deleted.
Your rights under UK GDPR
You have the right to request access to your client record and receive an explanation of what is held within it.
You have the right to withdraw consent, to request erasure or correction of your client record, to request portability where it applies in law, and to object to or restrict collection and processing of your data.
You have the right to know the source/s of personal data not originating from yourself, and the right to not receive unsolicited marketing.
You have the right to be made aware of any companies automatic decision making processes (e.g, profiling) and any significance and consequence for yourself.
You will be made aware of any data breaches within 72 hours. You will be compensated for any damage or distress caused by the data breach.
You have the right to complain to the ICO (Information Commissioners Office) if you are unhappy with the data processing arrangements, and to engage representation from a not-for-profit body in doing so.
To summarise :
- I collect, store and process personal information about you to enable me to run my counselling/psychotherapy practice. This information can include contact information, as well as information about your age, health (mental and physical), sexuality (where relevant to the therapeutic work), domestic and financial arrangements (where relevant) and other special category data. I am able to collect this information upon the legal basis of "Legitimate Interests", as per UK GDPR regulations.
- Your information is stored anonymously, under lock and key and/or password and encryption protected. I may use this information to track the progress of our work together or to receive reflection and guidance from my supervisor. I will keep this information for up to 7 years. When deleted it will be by wiping electronic files and shredding any handwritten information.
- With regards to how this information is used, you have the right to have information about you deleted, have inaccuracies corrected, the right to access information about you - free of charge - within 1 month, the right not to receive any unsolicited marketing, the right to determine how information about you is processed and the right to complain if you are unhappy about any of the above by contacting the Information Commissioners Office here: https://ico.org.uk/concerns/, although I trust that you will try to discuss this with me in the first instance.
- Should anything happen to me that prevents me from attending a session and from communicating with you directly - such as illness or death - then I have appointed a Therapeutic Executor who is also governed by the BACP and observes both their Ethical Framework and existing Data Protection laws. The Therapeutic Executor would be able to access your contact details and inform you should this situation arise.
Any working contract shall be construed and governed in all respects in accordance with the laws of England and Wales and any dispute or differences in relation to this agreement shall be subject to the exclusive jurisdiction of the English Courts.
A note about external factors
Please protect your confidentiality when identifying yourself as the sender of payment. Your privacy within BACS and Paypal is beyond my control, apart from the secure account login details I hold.
Links to other websites - My website may contain links to other websites of interest or additional support. However, once you have used these links to leave this site, you should note that I do not have any control over those other websites or the privacy and protection of information you are provided with whilst visiting those websites. Other sites may or may not have their own privacy policy and are not governed by this privacy policy.
General Email - Please be aware that general email is not secure. Using Protonmail (which this service uses) or a similar 'end to end encrypted' email provider, offers security. Protonmail can be downloaded from the Web or in an App and is very easy to install and use. If you choose to email this service from an insecure email address you may like to protect your privacy by limiting content.
Social Media Policy and Working Online
This Privacy Statement is subject to change as circumstances and the Law demand - Please check it periodically to reassure yourself.
This website uses marketing and tracking technologies. Opting out of this will opt you out of all cookies, except for those needed to run the website. Note that some products may not work as well without tracking cookies.
Opt Out of Cookies