Client Privacy Notice
Clay Counselling is registered with the Information Commissioner’s Office, reference number ZA623601. Clay Counselling is a Controller of your data. This notice is to provide you with information about the personal data I collect, why I collect it, the way it is stored, what I do with it and the length of time I keep it before destruction. This is also to inform you of your rights. I comply with the General Data Protection Regulation.
The data we keep and how we use it
When you first contact Clay Counselling, I will ask you for details such as name, address, telephone number etc. so that I am able to get in touch with you and arrange to meet you. I will also ask you for GP details, which will only be used in a medical emergency. I may also ask for further information in order to give you the best possible service.
At our initial consultation, and during counselling, I will ask for other relevant information in order for us to decide the best way forward for you and provide you with the appropriate therapeutic service. I may take brief written notes about our sessions; these will not include your name or any identifying information (e.g. DOB, workplace). Certain data (e.g. the CORE questionnaire, which is widely used in counselling services) will be used to monitor the quality of my service and to inform our work together.
All data will be kept securely in a locked cupboard in my home. Any session notes will be kept in a separate locked cupboard from your name and contact details.
If I need any information about you from a third party (e.g. your GP) I will only contact the third party with your consent.
Clay Counselling has a legitimate interest in processing personal data in order to provide a counselling service. The personal information I hold about you will be kept securely and used only to provide the best possible service to you, to assist in clinical assessment and for professional clinical supervision. It will not be shared with any other organisation or person outside Clay Counselling, without your knowledge or permission unless there is a legal reason or any cause to believe that you or another is in imminent and serious danger.
When you have finished counselling, your data will be kept securely for a period of 7 years in order to protect my legal position in the event of any legal proceedings. After that time it will be destroyed securely. Any payment data is held for at least 6 years to comply with HMRC regulations.
I will take all reasonable precautions to prevent the loss or misuse of the data you give me and to preserve its accuracy. Any messages left on my voicemail or e-mailed to me, will, once processed, be deleted.
I will not keep any data longer than is necessary in order to provide a service to you and to comply with legal regulations. My laptop is protected against outside harm as far as is reasonably possible and has passcode protection.
If in the future it is required or necessary to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information.
There are many video conferencing platforms available for online counselling with Zoom being the most commonly used and preferred platform at Clay Counselling. More information about Zoom’s security can be found at https://zoom.us/trust/security. It is possible to use a different online platform if you prefer; we will look at the security of your preferred option together to decide if the security is suitable.
For telephone counselling, Clay Counselling will use either a mobile phone or land line depending on the location of the call. Your phone number will not be saved onto the phone, although will be saved in the call logs of the mobile phones for a short period of time. Our mobile phones will be protected by security codes.
Neither Clay Counselling or you have permission to record any part of online or telephone counselling sessions. Written notes can be taken if you would like to record any information from a session.
Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data. You have the right to request from me access to and rectification of, and, under certain circumstances, erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances, the right to data portability.
If you wish to have access to your data, please send me your request by email to email@example.com. I will arrange for the information to be available to you, free of charge and within 30 days.
If you believe that any of the data I hold about you is inaccurate, if we are in agreement, the data will be altered. If there is reason for disagreement, we will record your objection and the reason for the disagreement.
If you have concerns about the way in which your data is processed or stored, please contact me so that we can try to resolve any issues. You have the right to lodge a complaint to the Information Commissioner’s Office if you think that I have not complied with the requirements of the GDPR with regard to your personal data.