I am registered with the Information Commissioners Office (ICO) which means I am required to tell you what data I am collecting from you as a client or supervisee and what I intend to do with it under General Date Protection Regulations (GDPR) which came into effect from May 25th 2018
Data I keep and why I need it
This is a paper document which includes the following:
- Contact details – home address, email address, phone number. I use these details to contact you regarding your sessions and ask for a preferred contact method.
- General Practitioner details. If I became concerned that you or someone else might come to harm, I might need to contact your doctor. This contact would be discussed with you beforehand if at all possible.
- Emergency Contact Name and Number. The name and contact number of the person you would like me to contact in an emergency.
This is a paper document. It is a requirement of my professional organisation (BACP) that I keep notes while we are working together. These are brief and are assigned to a unique code. These notes may contain sensitive personal data. Any relevant information from our email or text message exchanges will also be recorded onto your paper notes.
Unique Identification Code
I log your name linked to a unique code on my personal computer. This information is used to keep a record of the number of clients I am working at a particular time and for accounting purposes. It is separate to your paper notes and contact information.
This is a paper document. This document is signed by you, the client to give me permission to collect and store information.
Mobile Phone/Portable Devices/Personal Computer
In order for me to contact you, with your permission, your email address and phone number will be stored and password protected. These contact details may be held for an indefinite period after our work together unless you request otherwise.
Who will I share data with and for what purpose
I will not share your data with any organisation unless:
- My notes are subpoenaed by a court.
- If I feel that you or someone else may come to harm.
- My professional body requires that I appoint a Therapeutic Executor. This person is a senior colleague, who should an unfortunate life event mean I can no longer work with you, will be given access to your details in order to contact you.
How I store your data
- Personal data I keep on paper is stored in a locked filing cabinet.
- Your unique ID code is stored on my personal computer, which is password protected.
- Your email address will be stored within BT’s Cloud Storage and my electronic media, which are passcode protected.
- Your contact details will be held within Apples iCloud Storage which is password protected.
Data Retention and Disposal
Your paper data such as session notes and registration form may be kept for up to 6 years. After this time they will be shredded. This is on the advice of my insurance company.
I do not normally record any session data electronically. In the event that data is stored electronically, it will be deleted after a period of 6 years or earlier at your request.
Email and text messages contact details will be stored and password protected indefinitely unless you request otherwise.
Under GDPR you are entitled to the following:
- Right to be informed
Regarding how your data is held, for how long and of any breaches of data
- Right to Access and update records
You have the right to ask for a copy of the personal information I hold free of charge
for the initial request and to receive this within 30 days from request. You also have the right to ask me to amend or change any incorrect information about you.
- Right to be forgotten and restrict processing
You have the right to ask me to delete any information that I hold about you. Please note that it is not an absolute right to be forgotten if I am legally obliged to keep records, for example financial records must be kept for 7 years.
- Data Portability
You have the right to receive your personal information and to transfer this information to another party.
Please contact Jane Myring, the data controller/processor by email if you would like to exercise your rights listed above.
If you have concerns about potential personal data breach, please contact me in the first instance. For further information please contact the Information Commissioners Office on 0303 123 1113.
If you do not consent to me using your data in this way, due to GDPR constraints, it is unlikely that I will be able to work with you.
GDPR (data protection) requires me to tell you what happens to your information in more detail when using an internet service from a third party.
General Enquiries (non-clients)
Contact details captured during enquires made to me that do not result in the enquirer becoming a client may be stored indefinitely within BT’s Cloud storage unless a request is made to delete it.
Your Web Browser – Deleting Browser History and Cookies
You may be in a situation where you do not want anyone who has access to your computer to know that you are looking for a counselling service. Information as to how to erase your internet search history and cookies from any websites you have visited can be found by using the link below.
Please note that I am not liable for any potential issues this may cause to any of your devices from this third party website.
I use British Telecoms email service. Any correspondence received by me or sent to you via jmcounselling.btinternet.com is held on BT’s email servers. Access to my email is via password security and is not shared.
BT GDPR obligations for the storage of online email is outside the scope of this document.
My website is used to advertise my services only no personal information is gathered or stored on the hosting platform.
Google analytics and Bing Webmaster Tools
I do not knowingly communicate with clients through social media.