Privacy Policy

This policy tells you what data I will collect about you, how I will use it, how it will be stored and how long I will keep it. It outlines your rights with regard to your personal information.

 

As a registered member of BACP (British Association of Counselling and Psychotherapy) I abide by their Code of Ethics which includes strict guidance on confidentiality. Your privacy is very important to me and you can be confident that your personal information will be kept safe and secure and will only be used for the purpose it was given to me. I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003. 

 

Please note that you are under no obligation to give your consent for records to be held and can withdraw your consent at any time by emailing me at sarahdelfont@gmail.com. I do not give your personal details to any third parties unless authorised by you or required by law, other than in exceptional circumstances (see Disclosure below).

 

If you have any questions or concerns or would like to discuss any of the details of this policy, please contact me at sarahdelfont@gmail.com or on 07989 575824.

Personal data I hold about you

Identity Data

  • First name, last name, preferred name (if appropriate), title

 

Contact Data 

  • Mailing Address, Email addresses, Telephone numbers, Skype address (if necessary). 

  • GP contact details. 

  • Next of kin and their contact details

  • Telephone, email and skype details are held in my contacts on a password protected computer and smartphone

 

Session data 

  • I hold brief notes as a record of each session. 

  • These notes are stored in a password protected document on my computer. 

  • I keep any hard copy records or notes in a locked filing cabinet in my office at my house.

  • These notes are retained for a period of time specified by myself (6 years) in accordance with my professional bodies and professional indemnity insurers. 

  • As soon as the retaining period has lapsed, all notes are destroyed. 

 

I use your personal data for the purpose of contacting you for the following reasons

  • To arrange or rearrange a session

  • To submit an invoice

  • To submit a receipted invoice

  • To provide any information we may have agreed

  • To update you about my services

  • To contact you in an emergency 

 

Disclosure

I abide by the BACP Ethical Framework for the Counselling Professions which states that ‘We will give careful consideration to how we manage situations when protecting clients or others from serious harm or when compliance with the law may require overriding a client’s explicit wishes or breaching their confidentiality (Good Practice, section 9. Also see sections 25 and 54). I will only grant access to or share your data with anybody else where I am required or entitled to do so by law under lawful data processing. There are times when I may still need to share your information with others, for example: 

  • any stated purposes I tell you about when you supply me with information 

  • as part of my duty to protect a child, a vulnerable adult, yourself or the public 

  • for the prevention and detection of a crime 

  • for the assessment of any tax or duty 

  • if I am required to do so by a court of law

  • I have supervision on a regular basis to support my work and ensure I work within the recommendations of the BACP Code of Ethics. My supervisor does not have access to your records or any identifying information relating to you, except a first name.

 

ICO: I am registered with the office of the information commissioner, in accordance with current legislation. https://ico.org.uk (awaiting ref. no)

Should there be any reason to disclose your personal information as stated above I would endeavour to discuss this with you prior to disclosure if at all possible.

Breach of security

 

I have a duty to report any breach to data security to the Information Commissioner’s Office (ICO) within 72 hours. If the breach is likely to adversely affect your rights and freedoms, I would seek to inform you without undue delay. 

 

Right of erasure 

Under the GDPR legislation, you have a ‘right of erasure’ to ask for records to be destroyed. Normally your records will be destroyed 6 years after counselling has finished.

 

Right to see the data held about you 

You have a right to see any data that I hold about you at no charge. If you would like access to your records please ask me. I am required to supply them to you within one month. 

 

Website

I manage my own website and no personal details are taken from it, other than if you complete the contact form which is directed through to my email address below. 

 

Complaints

If you have any complaint about how your personal data is handled please do not hesitate to email me at sarahdelfont@gmail.com . I welcome any suggestions for improving my data protection procedures.

If you want to make a formal complaint about the way I have processed your personal information you can contact the ICO which is the statutory body that oversees data protection law in the UK. Please see: https://ico.org.uk/make-a-complaint

 

Should I be unable to communicate with you directly, such as in the event of accident, severe illness or death, then I wish you to know I have appointed a Therapeutic Executor who, in these circumstances, would be able to access your contact details in order to notify you.

 

 

Mobile: 07989 575824

Email: sarahdelfont@gmail.com

© 2020 sarahdelfont.co.uk