GDPR Statement

I am registered with the ICO (Information Commissioner’s Office) which means I need to tell you what data I am collecting from you and what I intend to do with it.

What data do I keep and why do I need it?

• Name and age – this is basic information that helps me get to know you.
• Address, email address, phone number – I use this as a way of contacting you regarding your sessions. I will mainly use the method you first contacted me on but if I cannot reach you, I will try a different method.
• Next of kin/GP’s details – If I was worried that you were at risk then I may need to contact your next of kin/GP, if I can. I will let you know when/if I am going to do this.
• Session notes – I keep brief anonymous notes of our session(s). Hard copies only.

Will I share your data and if I do, who will I share it with and for what purpose?

It is very unlikely that I will share your data. I will not sell it on or use it for unethical reasons. I may have to share it if my notes are subpoenaed by court, if you or anyone you tell me about is at risk of harm I may have to pass this information on.

How will I store your data?

It is mainly stored as a hard copy in a locked filing cabinet. Immediately after the work is finished, I transfer the data with your initials to my password protected computer. Your phone number(s) may be kept in my business mobile phone with your first name and last initial. Only I will access your information.

How long will I store your data for and how will I dispose of it?

• I will keep our session notes with your initials for 5 years.
• I will shred this and any other documents with your personal information for 1 year after our work finishes.
• I will delete your phone number out of my mobile phone 1 month after our work finishes.