Privacy Policy

I am committed to respecting and protecting your privacy. This privacy policy sets out the basis on which I will process any personal information that I may collect about you as a recipient of my therapeutic services.

All services are offered with the understanding that you have read and are agreeing to these terms.
 
All my services are offered in line with the ethical and professional guidelines of my membership bodies, the British Psychoanalytic Council (BPC) and British Association of Counselling and Psychotherapy (BACP).
 
Irrespective of where you are located geographically all contractual agreements and professional services are offered in accordance with the laws of the United Kingdom.  Any disputes related to my practice will be subject to the laws of this country.  

Insurance

All professional indemnity insurance policies specify the Territorial and Jurisdiction Limits. These important clauses work together to specify where in the world the policy is providing cover and where it isn’t. The ‘jurisdiction limits’ are the countries where the policy will accept the serving of formal legal action against the policyholder. Please note that for non-UK residents (seen online) the jurisdictional limits of my policy are confined to the United Kingdom, the Channel Islands and the Isle of Man.

Confidentiality

Psychotherapy, whether in-person or online, is offered in full respect of your right to confidentiality. I take all necessary measures to protect your privacy. Only in very rare and exceptional circumstances and where there is clear danger to self or other might third parties be informed to promote the safety for all involved.

A requirement of our therapeutic contract is the collection and storage of certain essential personal data:

  • Contact and other personal details collected through the intake form, such as your name, address, date of birth, GP, next of kin, health and medical details
  • Any other personal information provided when corresponding with me by telephone, post, email or otherwise
  • Electronic or hand-written notes of our sessions. (Brief clinical notes are kept with the sole purpose of supporting the therapeutic process.  These notes are minimal in nature reducing risks to your privacy. They do not provide an account of all session content.)

I may also collect some information from other sources. For example: referrals from psychotherapists, third parties that you have asked to send me information; persons referring you to me for services.

All electronic data is securely stored in password-protected locations. Any data passed through a third provider e.g. website or email host is subject to the same security and protection under the EU General Data Protection Regulation (GDPR).

I keep contact and personal details for the duration of our work together. Any personal data provided in emails and relevant to future work is transferred to electronic password protected files/notes.

Personal Data

My website does not track or collect your personal data via cookies or by any other means. All information about you that you pass on to me is done so via email, including completion of an intake form should you enter into a therapeutic contract with me, and verbally in the course of our work together.

Information is collected and stored with your permission for the purposes of: fulfilling our therapeutic contract; my own professional development in providing you with professional counselling services; enabling me to identify you to other concerned health professionals should I feel there is a risk of harm to yourself or others; compliance with my professional, legal, and regulatory obligations.

You can address any concerns about how your data is stored and used to the Information Commissioners Office (ICO) at www.ico.org.uk

You have the right to access any personal data that I hold about you. You can also require any inaccurate personal information to be corrected or deleted. I welcome questions, comments and requests regarding this privacy policy and my processing of personal information.

All the personal data you communicate with me via email and in the delivery of therapeutic services is held securely. I am unable to guarantee or accept liability for how data you divulge to third party websites linked to my websites might be used.

Nature of Data Held

In providing you with the best possible service I will require you to provide some data about yourself including:

  • Full name
  • Date of birth
  • Residential address
  • Email address
  • Telephone number
  • GP details
  • Other information that might facilitate treatment (e.g. use of other therapeutic services, medication, medical and family history)

While my website and email host use up-to-date security features no communication across the internet is totally immune of risk. It is not possible therefore to guarantee the security of your personal data. Some of the information you provide may be considered sensitive personal data under GDPR as it might relate to your ethnic or racial origin, political opinions, religious beliefs, physical or mental health, sexual life, or criminal record. If you would prefer to communicate such information in person rather than completing the digital intake form you can do so verbally at your appointment.

Lawful Basis for Holding and Using Client Information

As a member of the British Psychoanalytic Council (BPC) and British Association of Counselling and Psychotherapy (BACP), I abide by Code of Practice and Ethics required by these organisations. The lawful basis under which I hold and use your information is solely in the service of providing you the best possible clinical and mental health services and to collect related payment. 

Your data will not be used for marketing or other purposes. It will not be shared with any third parties. In exceptional circumstances and in order to protect life or other circumstances stipulated by UK law, I may be required to pass your personal data to another person or organisation. 

I will retain your personal data only as long as necessary to offer you services or as required by statutory regulations. Your personal data we will be held in manner that minimises risk of unauthorised access. Communication may be printed and held securely or stored on computers used for business purposes. 

In order to protect your privacy, it is my policy to minimise the detail of any clinical notes I hold about the therapeutic work whether I see you as an individual or as part of a couple or group. These notes serve as an aide-memoire supporting my work with you and to document management of risk. They do not represent an account of session content.

Online Services

All online services are delivered via ZOOM which is both GDPR and HIPAA compliant affording the highest standard in security. However, no platform is completely immune from monitoring, particularly from state sponsored operators. 

When joining by computer or phone there is some device information which is collected for technical delivery purposes only. These include:

  • Participant name (as entered by the participant when joining zoom)/ phone number
  • Device type e.g. Mac/ Windows
  • Public IP address
  • Location (20-mile radius)
  • Network Type e.g. WIFI or wired
  • Microphone type e.g. built in
  • Speaker type e.g. built in
  • Camera type
  • Data Centre
  • Connection Time 

Information about Zoom GDPR compliance can be found here:
https://support.zoom.com/hc

Contact Me

I am happy to discuss any questions you might have with regards to your data. Please contact me via email at amanda@amandahughestherapy.com