In order to provide you with services such as training, updates, therapy, or consulting, I need information from you which may include your identity, your address, your email, and your telephone number. In the case of therapy, additional details may be taken to provide the service you are expecting such as notes about your sessions, medical records, school records, insurance reports, personal history, sexual preferences, relationships, etc. In addition to any requirements of the GDPR, this information may be further protected by the British Psychological Society code of ethics and the regulating body Health and Care Professions Council. I may use your information in my accounting system to bill for services, take payments, file tax returns and track your financial obligations to me. Once our financial relationship is concluded I will continue to hold that information until no longer required by HMRC or any other party with a legitimate interest. I do not hold credit card details. My website may use or set cookies if you send emails through the site. My website will ask your consent the first time you visit. You may turn off cookies on your device, but some features of my website may not work properly.
Lawful Basis for Processing
My basis for processing your information is legitimate interests. This is information that both you and I might reasonably expect to be provided and maintained in order to provide the service or information you want. My basis for processing special category information such as gender, sexual preference, marital status, business details and similar is also legitimate interests and this will be information you have consented to provide to me in order for me to provide you with the services you have requested. It is information that we both would reasonably expect to be shared between us with a clear understanding of how it will be used and protected.
Categories of Personal Data Obtained
I do not obtain data from third parties unless it has been released to me with your informed consent. Examples of this may be legal, medical, criminal, educational, social, or other records released by your solicitor for use in preparing a report on your behalf. Data I receive will nearly always be obtained either directly from you, your representative, or your guardian. In the case of children, this information will be obtained from the child and/or the guardian. I may access public records such as but not limited to Companies House, County Courts, social media sites, Information Commissioner’s Office, and others if deemed necessary to pursue legal claims for the recovery of debts owed to me.
Recipients of Data
Data received from you will be used only within our partnership for the purposes you and we reasonably expect for the services being provided. Except as required by law, courts, or police, I do not release data to recipients outside of our business.
Transfers Outside of the EU
I do not transfer data outside of the EU for processing, meaning to be handled, viewed, manipulated, scanned, or otherwise accessed by someone outside of my business.
How Long I Hold Your Data
I hold data only as long as I am required by law for accounting and tax purposes, which may be three years or longer. If you make an enquiry via my website I will keep that correspondence only as long as your enquiry is active. Emails received directly and related to services I am providing you will be kept only as long as I am working with you and will typically be deleted 30 days after I cease working with you. Notes maintained as part of therapy or supervision with you will be deleted 30 days after you advise me I am no longer working with you.
A complete summary of your rights is available at the Information Commissioner’s Office website. You may request copies of data I hold on you and I must provide this information free-of-charge within 30 days. However, if your request is unreasonable or you have made repeated requests for the same information, I may refuse to comply unless and until a fee is paid or an agreement reached on the data to be provided. You always have the right to file a complaint with the Information Commissioner’s Office if you feel I have violated your rights under the GDPR. I will do my best to provide your information in a format that you can understand and use.
Source of Personal Data
I do not obtain data from third-parties without your consent except in the case of children or vulnerable persons and then this data will be obtained from a responsible party, solicitor, or a party holding power-of-attorney. I may receive data from an insurance company or medical providers, with your authorisation and knowledge.
Your Obligations to Provide Data
You are under no obligation to provide information to me, but I may not be able to provide you with the services you are requesting. In such a case, I may choose to not provide you with services that you are seeking.
Automated Decision Making
I do not engage in any automated decision making with your data.