• Home
  • About Me
  • My Approach
  • Fees
  • The Space
  • Qualifications
  • Contact
  • More
    • Home
    • About Me
    • My Approach
    • Fees
    • The Space
    • Qualifications
    • Contact
  • Home
  • About Me
  • My Approach
  • Fees
  • The Space
  • Qualifications
  • Contact

Privacy Policy

  

The Basics

I understand the privacy policies can be long and tedious. I want you to know that your privacy is very important to me. You can be confident that your personal information will be kept securely and will only be used for the purpose it was given. I adhere to current data protection legislation, including the General Data Protection Regulation (EU/2016/679) (the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

In my role, I am defined as a ‘data controller,’ meaning I am someone who collects and stores personal data, and has a responsibility for it. I am registered with the Information Commissioner’s Office ( Ref.no. ZA630615 ) I am happy to discuss any questions you may have about my data protection policy. You can contact me at phoebemallion@googlemail.com.


The Finer Detail


1. My lawful basis for holding and using your personal information

1.1 If you are currently having therapy or if you are in contact with me to consider therapy, I will process your personal data where it is necessary for the performance of our contract. 

1.2 The GDPR also makes sure that I look after any sensitive personal information that you may disclose to me appropriately. This type of information is called ‘special category personal information’. The lawful basis for me processing this information is that it is for provision of health treatment (in this case counselling) and necessary for a contract with a health professional.

1.3  If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information. 


2. How I use your information

2.1 Initial contact:

If you initially contact me via my website contact form, you will likely share with me your name, email address, and any information you choose to share at this point in your enquiry. Information shared in this way is encrypted by an SSL Certificate. My website is hosted by GoDaddy. You can view their privacy policy at https://www.godaddy.com/en-uk/legal/agreements 


If you contact me through a third party link, for example through Counselling Directory or the BACP Directory, then you are sharing your data with them. Both of these organisations are GDPR compliant and their privacy policies can be viewed at https://www.counselling-directory.org.uk/privacy.html and https://www.bacp.co.uk/privacy-notice/ 


If you contact me initially via my mobile number, you will likely share your name, mobile number, and any information you choose to share at this point about what is bringing you to counselling. 

Following these initial forms of contact, I will then offer you an initial session to further discuss what you are looking for from counselling. If you choose to proceed, in advance of this session, I will ask you to complete a Google Form providing the following information: full name, address, contact telephone number, email address, GP address.

If you decide not to proceed, I will ensure all your personal data is deleted within two weeks. If you would like me to delete this information sooner, just let me know. 


2.2 While you are accessing counselling:

Everything you discuss with me is confidential. That confidentiality will only be broken to relevant outside agencies (GP, social services and or police where relevant):

· where I believe there may be a risk of harm to yourself or to others.

· where certain acts of crime have been disclosed, including; acts of terrorism, drug trafficking, money laundering and benefit fraud.

I would always try to speak to you about any break in confidentiality first, unless there were safeguarding issues that prevent this. 

I will keep a record of your personal details to help the counselling service run smoothly. These details are kept securely using Google Workspace applications which are encrypted in transit and at rest. Devices used to access these applications are password protected.

I will keep brief and anonymised written notes of each session. Session notes will be stored separately from any identifying information using Google Workplace applications. Files stored on Google Workspace are encrypted.

I do not retain text messages for more than 2 weeks.  If there is relevant information contained in a text message, I will record this and store it alongside session notes in Google Workspace. Any email correspondence will be deleted after two weeks if it is not important. If there is relevant information contained in an email, I will record this and store it with your session notes in Google Workspace. 


2.3 After counselling has ended:

Once counselling has ended, your records will be kept for three years from the end of our contact with each other and are then securely destroyed.  If you want me to delete your information sooner than this, please contact me in writing to make the request.


3. Third party recipients of personal data

I use Google Workspace applications including Google Forms, Google Drive and Google Docs to process and store information and data you share with me. I have carefully selected this platform, and have agreement in place which ensures that they only use information I share with them for the task for which they have been contracted. Google Workplace is fully GDPR compliant and their privacy policy can be viewed at https://cloud.google.com/privacy/gdpr 


4. Your rights

You have a right to ask me to delete your personal information, to limit how I use your personal information, or to stop processing your personal information. You also have a right to ask for a copy of any information that I hold about you and to object to the use of your personal data in some circumstances. You can read more about your rights at ico.org.uk/your-data-matters. 

If I do hold information about you, at your request I will:

· give you a description of it and where it came from

· tell you why I am holding it

· tell you how long I will store your data and reasons for this

· tell you who it could be disclosed to 

· let you have a copy of the information in an intelligible form. 

You can also ask me at any time to correct any mistakes there may be in the personal information I hold about you. To make a request for any personal information I may hold about you, please put the request in writing to phoebemallion@googlemail.com.

If you have any complaint about how I handle your personal data please do not hesitate to get in touch with me. I would welcome any suggestions for improving my data protection procedures. If you want to make a formal complaint about the way I have processed your personal information you can contact the ICO which is the statutory body that oversees data protection law in the UK. For more information go to ico.org.uk/make-a-complaint.


5. Data security

As you will see from the above, I take the security of your data very seriously and as such I take every effort to make sure it is kept secure. Here is a summary of the ways I do that:

· Information shared through my website contact form is encrypted through an SSL certificate

· Emails and texts I receive form you are deleted within 2 weeks. Any relevant information from such messages is transferred and stored on Google Workplace applications

· Google Workplace applications are cloud based. Information is encrypted at rest and in transit. 

· Files containing identifying information are stored separately to session notes.

· Devices used by myself to access your information and notes are password protected.


  

6. Use of My Website 

When someone visits my website my website host GoDaddy collects standard internet log information and details of visitor behaviour patterns. Similarly, I use Google Search Console to help me optimise the use of my website. I do this to find out things such as the number of visitors to the site. This information is only processed in a way that does not identify anyone. I do not make, and do not allow GoDaddy or Google to make any attempt to find out the identities of those visiting my website. I use legitimate interests as my lawful basis for holding and using your personal information in this way when you visit my website. Both GoDaddy and Google have their own privacy policies that can be viewed at https://www.godaddy.com/en-uk/legal/agreements/privacy-policy?target=_blankand https://policies.google.com/privacy?hl=en


  

7. Clinical Will

I use the online platform clinicalwill.app in order to maintain an up to date clinical will. This is to ensure that in the event of my sudden incapacitation or death, my current clients are informed, and that any information I hold on clients, past and present is dealt with appropriately, in line with the ethical guidelines of the BACP and data protection legislation. Your name and contact details will be stored on this platform to facilitate this process in the unlikely event that it is needed. I have carefully selected this platform, and have agreement in place which ensures that they only use information I share with them for the task for which they have been contracted. Their privacy policy can be viewed at https://clinicalwill.app/privacy_notice

Copyright © 2023 Phoebe Mallion Counselling - All Rights Reserved.

Oil paintings by local Bath artist Valerie Pirlot.

Powered by GoDaddy

  • Privacy Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept