Data Protection Officer: Henzy Tanrien-Sawyer
I take the security of the data I hold about you very seriously and as such I take every effort to make sure it is kept secure in a locked filing cabinet and use of passwords. Please read below:
The Data Protection Act 1998 was developed to give protection and lay down rules about how data about people can be used. The 1998 Act covers information or data stored on a computer or an organised paper filing system about living people. The basic way it works is by: setting up rules that people have to follow. Source taken from www.gov.com
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). GDPR came into effect across the EU on 6 Mar 2018; May 25, 2018. The GDPR is Europe's new framework for data protection laws. It replaces the previous 1995 data protection directive. The new regulation started on 25 May 2018. It is enforced by the Information Commissioner's Office (ICO). The principle of integrity and confidentiality requires me to handle personal data “in a manner [ensuring] appropriate security”, which include “protection against unlawful processing or accidental loss, destruction or damage”. Source taken from gov.uk.
In summary, my understanding of GDPR is that it allows citizens the right to privacy and to access information held about them. It also allows them to update or delete information and the right to be forgotten. This helps me to inform clients during contracting that their personal data is kept confidential within my practice, but would request consent if information of their data is to be shared for referral purposes or as a result of limits to confidentiality.
In order to respect your privacy, I have included some information below for you to read carefully. It is important to me that you feel confident that your personal information and data is kept safe and secure and used appropriately for the purpose you have consented to expect for limits of confidentiality where you and others may be at risk.
I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
This privacy notice tells you what I will do with your personal information from initial point of contact through to after your therapy has ended:
What type of information I collect from you
How and where I collect your information
When clients contact me with an enquiry about my counselling service, I will collect their personal information and sensitive data from them to help me satisfy their enquiry. This may include communication done verbally, written, electronically or by telephone.
Why I need to hold your information
The GDPR also makes sure that I look after any sensitive personal information you may disclose to me, appropriately. The GDPR states that I must have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which I am processing your data. I have explained these below:
What I use your personal information for
How I store your information
Your data protection rights
I am happy to chat through any questions you might have about my data protection policy and you can contact me on 07492184419 or click the mail icon on the side bar
If you want to make a formal complaint about the way I have processed your personal information you can contact the ICO which is the statutory body that oversees data protection law in the UK. For more information go to www.ico.org.uk/make-a-complaint
Visitors to my website
No user-specific data is collected by me or any third party. If you fill in a form on my website, that data will be temporarily stored on the web host before being sent to me and deleted.