Privacy Policy

When you share your personal data with Jemma Katy Counselling, we take our responsibility to protect it seriously. This policy sets out our privacy policies and the steps we’ve taken to keep your information safe.

Data security

In order to protect your information from loss, misuse or unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. These steps include the following:

  • Data minimisation (we only store data that we need)
  • Password best practice
  • Security best practice concerning online accounts, physical access, devices (PCs, laptops, mobile devices), and storage
  • Ensuring third parties services are GDPR compliant

What We Collect

When you contact us

If you contact us to enquire about our services or book an appointment we may collect the following information:

  • Name
  • Address
  • Email address
  • Telephone number

This information is collected online, on the phone and when you visit our counselling practice.

Our clients

As a therapy practice, we store:

  • Confidential therapy notes as a record of your sessions
  • A record of your appointments
  • Messages that we have received and sent to you
  • Records of your payment transactions

We collect this data to fulfil our contract to provide counselling services to you.

While using our website

We may collect information about your browser or device for our website to operate correctly. If you have agreed to analytics tracking we use Google Analytics to help us understand how our website is used, so that we can make improvements.

How we use your information

To contact you:

We will contact you regarding your enquiry or appointment. We may also contact you if our privacy policy changes.

Client records:

As a counselling service, we must keep accurate records of your therapy and any treatment you’ve received – this is classed as special category data.

We use your records to make sure that we are giving you the best care possible, and only your counsellor has access to your therapy data. We are trained to understand the importance of confidentiality and ensure that we only collect data that is absolutely necessary.

Marketing

We do not currently use any contact information for marketing purposes. We will not sell, distribute or lease your personal information to third parties.

Sharing your personal information

Client records

Client Records refer to a) anything that directly identifies a client, and b) anything that can identify a client when combined with other information. Records include client session notes, contracts, client creative work, diaries, emails, and text messages. Counsellors have both a legal and ethical duty to store client notes safely.

All paper-based notes are kept in a lockable cabinet, with client contact information kept separate to client session notes.

All electronic records are stored securely with a cloud-based provider. All records and devices used are password protected.

All records are kept for seven years before being destroyed.

Client safeguarding

All client sessions are strictly confidential. However, there are limits to this confidentiality and it is our legal responsibility to report any concerns for client or public safety. These limitations are:

  • if you tell me about harm to self or others,
  • domestic abuse where children are present and deemed to be in danger,
  • membership of a terrorist organisation or any act of terrorism,
  • any criminal act of which you have not been convicted,
  • if my notes are subpoenaed by a court of law, and if you agree I can share your notes with your GP.

Financial transactions

We provide transaction data (e.g. copy invoices) to our accountant.

Your right to access, correct and erase your data

Accessing your data

You have the right to know what personal data we hold about you and to make sure it’s correct and up to date. In order to receive such information, please send your request, including your full contact details, to our registered address. We will send you a reply within 30 days.

Correcting your data

If you would like to correct the information we hold about you, please let us know by email or your next appointment and we’ll put things right.

Erasing your data if you’re not a client

If you have contacted the clinic and not become a client, you have the right to request your data is erased. Just email us to make the request. We will comply, and notify you of success within 30 days. Unfortunately, we are not able to erase transactional data – this is a legal requirement.

Erasing your data if you are a client

Unfortunately, we are unable to erase the data of clients who have received therapy services- this is a legal requirement.

Data Breaches

In the unlikely event of a data breach, Jemma Katy Counselling will promptly notify you of any unauthorised access to your personal information.

Complaints

Complaints about how we’ve handled your personal information can be made via email or in writing to our registered address. If you are unhappy with our response, and believe we are processing your personal information not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).