General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European union that comes into effect from 25 May 2018. This document sets out how Davis Emotional Well-being Ltd complies with these laws.
Davis Emotional Well-being Ltd is committed to protecting your rights to privacy. These rights are:
Right to be informed about what the therapist does with your personal data
Right to have a copy of all the personal information the therapist process about you
Right to rectification of any inaccurate data the therapist process, and to add to the information the therapist holds about you if it is incomplete
Right to be forgotten and your personal data destroyed
Right to restrict the processing of your personal data
Right to object to the processing the therapist carries out based on our legitimate interest
Reasons for collecting and processing information about you:
What type of personal data is collected and processed
Davis Emotional Well-being Ltd collects information about you that may include personal or sensitive information, such as:
Personal information: name or given name, family name or surname, address, telephone numbers, date of birth, gender (or preferred identity), age, relationships and children, occupation, telephone/SMS number, email address, video conference ID (if online therapy), GP contact details, school details (for children).
Sensitive information: medical conditions (if relevant), prescribed medication, psychological history and current difficulties, and sexuality.
Sensitive personal data: signed therapy contract, therapy records (therapist notes, letters, reports and/or outcome measures).
To make sure that you are assessed and/or treated safely and appropriately, Davis Emotional Well-being Ltd records your personal information, as well as all contacts you have with the therapist such as appointments and the results of assessments and letters relating to your care/report.
Davis Emotional Well-being Ltd will also process personal data pursuant to legitimate interests in running the business such as invoices and receipts, accounts, VAT and tax returns.
Web access collection of information
When you complete an online contact form, Davis Emotional Well-being Ltd will collect information about you and your internet protocol (IP) address. This is automatically supplied by the website software used to offer the form. Davis Emotional Well-being Ltd always tries to minimise the amount of personal information that he requires to provide a specific service or feature. All web services used by Davis Emotional Well-being Ltd are GDPR compliant.
How your personal information is stored
Davis Emotional Well-being Ltd takes your privacy very seriously. The therapist is committed to taking all reasonable steps to protect any individual identifying information that you provide. Once data is received, efforts are made to ensure its security on his systems. All personal information provided is stored in compliance with EU General Data Protection Regulations rules.
How long your personal information is stored for
Davis Emotional Well-being Ltd does not keep your data for longer than is necessary. Basic contact information held on a therapist’s mobile phone is deleted within 6 months of the end of therapy and the sensitive personal data defined above is stored for a period of 7 years after the end of therapy. After this time, this data is deleted at the end of each calendar year.
Administrative data is retained for up to six years as necessary, in the unlikely event there are queries from HMRC and the VAT commissioner. Where it is not necessary to retain the data for six years, it is destroyed as soon as possible.
What the therapist does with your personal information
Davis Emotional Well-being Ltd takes your privacy seriously. The therapist will only use your personal information to provide the services you have requested from him. If you do not provide the personal information requested, then the therapist may be unable to provide a therapy service to you.
How your personal information is used
The therapist uses the information he collects to provide his services to you, process payment for such services and send you information.
Who might the therapist share personal information with
Davis Emotional Well-being Ltd holds information about his clients and the therapy they receive in confidence. However, in exceptional circumstances, the therapist might need to share personal information with relevant authorities:
When there is need-to-know information for another health provider, such as your GP.
When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.
When the information concerns risk of harm to the client, or risk of harm to another adult or a child. The therapist will discuss such a proposed disclosure with you unless he believes that to do so could increase the level of risk to you or to someone else.
What the therapist will NOT do with your personal information
He will not share your personal information with third-parties for marketing purposes.
How he ensures the security of personal information.
Personal information is minimised in phone and email communication. Personal information is also stored on file and an office computer owned by the therapist. These are locked in a secure location and password protected. Malware and antivirus protection is installed on all computing devices. Mobile devices are protected with a passcode/thumbprint scanner, mobile security and antivirus software.
Your right to access the personal information he holds about you
You have a right to access the information Davis Emotional Well-being Ltd holds about you.
This will usually be shared with you within 30 days of receiving a request.
There may be an admin fee for supplying the information to you.
Further evidence from you to check your identity might be requested.
A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy).
You have a right to get your personal information corrected if it is inaccurate.
You can complain to a regulator. If you think that Davis Emotional Well-being Ltd has not complied with data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office (ICO).
Davis Emotional Well-being Ltd reserves the right to refuse a request to delete a client’s personal information where this is therapy records. Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by The British Association for Counselling and Psychotherapy.