Privacy Statement
Your Information
From 25th May 2018 European legislation (GDPR - General Data Protection Regulations) brought in revisions to privacy policies for the protection of an individual’s data. This is a positive and welcome change to keep our data safe and to ensure that active consent is obtained with regards to how I may contact you.
The privacy policy statement below tells you what personal information I hold about you, what I do with it, and your rights.
Web cookies and data storage
DM Counselling is hosted on the Wix.com platform. Wix.com provides us with an online platform that allows us to advertise our services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
Wix uses cookies for many important reasons, such as:
• To provide a great experience for visitors and customers.
• To monitor and analyse the performance, operation and effectiveness of Wix's platform.
• To ensure our platform is secure and safe to use.
For more information about how cookies are managed, please see the Wix web page where you can find further detail.
I may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
When you contact us via our website, as part of the process, we use personal information you give us such as your name, address, and email address so that we may respond to your query. Your personal information will be used for the specific reasons stated above only. Once I have responded to your query I delete your information, unless you then become a client. At that point your details are kept in our secure record system as discussed when we contract during our initial session.
Please speak with me if you have any further queries not covered here.
What data/information do we hold about you?
This is the information we ask you for and about during your initial assessment session:
-
Contact details
-
History and related information
-
Medication
-
Brief session notes that we use to keep track of our journey together and to help identify patterns to bring to your attention.
What do we do with this information?
I keep these records in order to work professionally, fulfill our roles as counselling practitioners, and to offer you the best therapy I can.
Your information is only used for the purpose of informing therapy and any associated referrals.
Your information is treated with the utmost confidentiality and it will never be disclosed to any third party without explaining why this may be necessary and getting your consent, except where required to do so by law or where we feel you are at serious risk of harming yourself, harming others or at serious risk of harm from others. Your safety will be our prime objective in these cases.
Your information will not be taken outside of the EU.
How long do we keep your information?
I am required to keep your information for a minimum period of 7 years following the last occasion on which therapy is undertaken. If you are under 18 then records will be kept for a period of 7 years from when you turn 18. When the 7 years is up any electronic records about you will be deleted and any paper records will be destroyed in a confidential manner (shredding or burning).
Contact information
I will contact you as appropriate, for example; with appointment reminders, with requested information, in response to your contact via the contact form on our website, social media, or other electronic or other means.
I may contact you to ask how you are if you have not attended a session and have not made any contact to ensure you are safe and/or if you wish to continue therapy.
Your rights
I might not be able to provide therapy if you don’t agree to records and information being kept about you.
Under the GDPR you can ask for your records to be erased but we may have to keep basic information to fulfill our professional requirements.
I may need to move your records or contact information around (electronically, between computers and other devices, or physically move paper records) as long as precautions are in place to protect your information from being seen by anyone without your permission.
The GDPR gives you the following rights:
-
The right to be informed – this is how your information is stored and used (as set out here in this privacy policy).
-
The right of access – you can see the records held about you.
-
The right to rectification – you can tell us to make changes to your record if it is incorrect or incomplete.
-
The right to erasure/the right to be forgotten – you can ask for your records to be erased but please be aware that we may have to maintain basic information to fulfill our professional and legal requirements.
-
The right to restrict processing – you can request limits on how we use the information held about you.
-
The right to data portability – under some circumstances you can request your data to be copied and used in another system, this only applies when processing is carried out by automated means.
-
The right to object – you can request that some of your information is not used or that it’s used only for certain purposes.
-
The right not to be subject to automated decision making including profiling - this is not something that we do.
Details of your rights can be found on the website https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you have any queries or concerns about how your information is held or used please contact me detailing your concerns.
If you are dissatisfied with my response you can contact the Information Commissioners Office or find more information on their website ico.org.uk
Name and contact details for ‘the controller’ and 'the processor' of the information
Danielle Miller
Please see the ‘contact us’ section of the website if you wish to contact us about any of this.
Clinical Wills
In the event of the unexpected death or sudden illness of your therapist, where your therapist would be unable to contact you, one of the other data controllers (as listed above) will have been appointed as Therapeutic Executor and will take care of contacting you. They are also a qualified therapist and adhere to the same ethical framework and confidentiality rules as your therapist. They will only access your contact details in an emergency and discuss with you appropriate onward arrangements.