This privacy notice explains what to expect when Caroline Midmore Counselling collects and uses your personal information. The General Data Protection Regulation (GDPR), which came into effect on 25th May 2018, requires that clients are given this information, however in practice there is minimal change in my work as my processes already complied with the Data Protection Act. You can find out more from Caroline Midmore:
07581 069877 email@example.com
I am committed to ensuring that your information is secure. In order to prevent unauthorised access, I have put in place suitable physical, electronic and managerial procedures to safeguard the information I collect and generate. Information is kept for between 1 and 2 years after completion of counselling (except in the case of an exceptional ongoing need to retain it eg legal proceedings) and is then deleted/destroyed securely.
The personal information I collect may include:
· Personal identifiers such as your name and date of birth (to verify whether you are 18 or over)
· Contact details such as postal address, postcode, email and phone number(s)
· Financial information such as bank account and payment card details
· Medical information such as GP details and medication (this is classified as ‘special category’ data)
· Notes of the content of counselling sessions (also classified as ‘special category’ data)
I collect and hold personal information for these purposes:
· Record keeping, arranging appointments, arranging payments and similar administrative tasks
· Maintaining the quality of services to clients, including compliance with BACP Ethical Framework
· Improving communications with potential clients, eg identifying websites used by clients to find me
Lawful basis for processing personal data
I process your data on the basis of legitimate interests in order to comply with BACP’s Ethical Framework and to enable me to share your personal information should I consider this necessary for your safety or that of another person, or for legal reasons – see below. Special category data is processed under condition (h) relating to provision of health care.
Sharing your personal information
Personal information will only be shared:
- During supervision as required by BACP; your identity will not be disclosed.
- Where relevant, with the organisation referring you, eg a health insurer or occupational health provider; you will be specifically informed if this applies to you
- If there is a serious risk of harm to you or another person, in order to enlist other services to help keep you/the other person safe. Wherever possible this is done with your prior consent but where deemed necessary after appropriate consideration, may be done regardless of consent.
- If there is a need to disclose information about possible criminal acts or security threats to the authorities, or if instructed by a court or other legal entity.
Access to your data
You have the right to have your personal data returned to you in a paper or electronic format and may then pass this on to another counsellor/data controller. There is no charge for this. You also have the right to ask for your personal data to be deleted, however this may mean the counselling relationship cannot continue.
Version dated 21 February 2020