Although we need to collect and hold certain personal data in order to deliver our services to you, we are committed to protecting and respecting your privacy. This policy provides an overview of how we comply with General Data Protection Regulation (GDPR) in regard to any personal data we hold about you.
How we obtain personal information
If you contact us, whether by phone, email, website or other means, we may keep a record of that correspondence. We may ask you to complete various questionnaires and other forms that we will use to tailor our services to your needs. We may keep records of any meetings and sessions in the form of written notes or electronic notes. We may receive correspondence from you or from other healthcare professionals relating to your case.
There may be occasions when we produce notes, assessments or reports outside of sessions, requested by third parties, such as your insurance company if they have referred you to our service. In these instances we will always ensure we obtain your signed consent to do so.
What personal information we collect and how we use it.
We collect information that enables us to contact you, deliver our service to you or that enables us to comply with our legal or regulatory obligations, as follows:
- Your full name
- Your address
- Your telephone number(s)
- Your email address
- Your date of birth
- Contact details (name and phone number) for an emergency contact
- The name and contact details of your GP
- Online IDs for services such as Skype, where relevant
- The individual or organisation that referred you to us (where relevant)
- A record of appointment dates and attendance
- General and admin correspondence
- Session notes
- Information on the type and location of sessions
- Your reasons for contacting us
- The name and contact details of other healthcare professionals involved in your case
- Significant physical or mental health details, including medication
- The type of therapeutic service that is being provided to you
- Completed questionnaires and scores
- Correspondence from or to you about your case
- Correspondence from or to other healthcare professionals about your referral and treatment
- Correspondence from third parties about your referral
- Mobile communications (including texts or WhatsApp messages) from or to you about your case
- Voicemail messages from you or others about your case
- Writing or drawing or objects that you have produced as part of the therapeutic work or given to the therapist
- Diagrams produced collaboratively in sessions
- Completed consent forms
- Payment details, including payer, date and amount of the transaction.
We will not send you any correspondence that does not directly relate to your case, unless we have explicitly agreed that between us. We do not use your details for any general mailings out or for marketing or promotions.
Wherever possible, we will also respect your preferred method of communication if you have stated one.
Who we share your data with
We will not share any of your personal data with any third parties for any purposes, subject to the following important exceptions:
- In some limited circumstances, we may be legally required to share certain personal data if you are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
- if it is in the public interest to do so. This means that disclosing information might be necessary to prevent a serious crime or serious harm to yourself or others.
- All our team are required to undergo formal supervision. As part of these sessions it may be necessary to discuss your data with the supervisor who will be a qualified healthcare professional operating under terms of confidentiality.
If any of your personal data is required by a third party, like your GP or your medical insurance or any other health professional involved in your care we will take steps to ensure that you consent to this and that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
Your rights under data protection legislation
You have various rights under the relevant data protection legislation. Here is a summary of those rights but please contact us via email at email@example.com if you would like to know more.
You have the right to see what information we hold about you. Any access request may be subject to a small fee to meet our costs in providing you with details of the information we hold about you.
You have the right to ask us to correct any personal data we hold about you that is wrong. If you feel this is the case, then please let us know.
You have the right to ask us to erase any information we hold about you. However, this right may be limited by our need to comply with statutory or regulatory requirements for retaining data.
You have the right to ask us not to contact you. This may be for specific purposes or you may not wish to be contacted at all. Obviously, we will need permission to contact you if you are an active client so that we can continue to deliver the agreed services to you.
How we keep your data secure
The personal data we hold on you is stored either physically or electronically. All physical media is secured in locked storage when not in use. All electronic media is secured by password access and where possible encryption.
Data retention and destruction
We do not keep information about you any longer than is necessary. The length of time we keep your data may be determined by statutory or regulatory requirements. We delete or securely destroy all personal data when it is no longer required.
If you have any concerns about the way in which we are handling your data, then you can make a complaint to:
The Data Controller
Dr Jacqui Farrants Psychology
The Old Chapel, 33 Church Street
Coggeshall, Essex, CO6 1TX
Or by email at:
If you are not satisfied with our response, you have the right to raise your concerns to the Information Commissioner’s Office. Their details can be found at www.ico.org.uk