The following information sets out how we comply with General Data Protection Regulation (GDPR) laws. It will look at why we keep data about you, what we do with it, how we store it and what your rights are. We are registered with the Information Commissioner’s Office (ICO) and, Dr Charley Deacon & The Therapy Collective, is the data controller.

​

What personal data is processed

As psychologists, in order to be able to do our job well, we collect and process the following personal data from therapy clients:

​

• Personal data: name, address, email, contact number, and GP contact details.

• Sensitive personal data: signed therapy client agreement, therapy records (therapist notes, letters, reports and/or outcome measures).

• Financial data: If you pay by BACS your name will be on our bank statements.

• If you complete a web-based enquiry form, we will also collect the information provided. All web services used are GDPR compliant.
   

If you are referred by your health insurance provider, then we will also collect and process personal data provided by that organisation. This includes basic contact information, referral information, health insurance policy number and authorisation for psychological treatment.

 

The lawful basis for processing personal data

This personal data is processed based on our legitimate interest as a psychologist and is necessary for providing psychological therapy to clients.

 

How your personal information is used

Your personal information will only be used to provide the services you have requested and to process payment for such services. If you do not provide the personal information requested, then we may be unable to provide a therapy service to you.

 

How long we store personal information         

Your personal information will only be stored for as long as it is required.  Basic contact information held on a therapist’s mobile phone will be deleted within 6 months of the end of therapy.

​

The sensitive personal data (defined above) is stored for a period of 7 years after the end of therapy. After this time, this data is deleted at the end of each calendar year.

​

Any data processed for an enquiry or notes made during therapy will be deleted after 6 months.

​

We are required by HMRC to keep all bank statements for 6 years plus the current accounting year.

 

Who we might share personal information with

Information about clients and the therapy they receive is held in confidence. This means that your personal information will not normally be shared with anyone else. However, there are exceptions to this when there may be need for liaison with other parties:

​

• If you are referred by your health insurance provider, or are otherwise claiming through a health insurance policy to fund therapy, then we will share appointment schedules with that organisation for the purposes of billing. We may also share information with that organisation to provide treatment updates.

• In cases where treatment has been instructed by a solicitor, relevant clinical information from therapy records will be shared with legal services as required and with your written consent.
   

In exceptional circumstances, it may be necessary to share personal information with relevant authorities:

​

• When there is need-to-know information for another health provider, such as your GP;

• When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order;

• When the information involves a risk of harm to you, another adult, or a child. We will try to discuss the proposed disclosure with you first unless doing so could increase the risk to you or others.

​

Your details will never be sold to a third party for marketing purposes.

 

Keeping your data safe

• Personal information is minimised in phone and email communication. 

• Sensitive personal data will be sent to clients in an email attachment that is password protected. 

• Email applications use privacy (SSL) settings, which encrypts email traffic so that it cannot be read at any point between our computing devices and our mail server. 

• Open or unsecure wi-fi networks will never be used to send any personal data. 

• Personal information stored on a computer is password protected. 

• Malware and antivirus protection is installed on all computing devices. 

• Mobile devices are protected with a passcode/thumbprint scanner.

 

Your right to access the personal information held about you

• You have a right to access the information held about you.

• This will usually be shared with you within 30 days of receiving a request.

• We may request further evidence from you to check your identity.

• A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy).

• You have a right to get your personal information corrected if it is inaccurate.

• If you think that data protection laws have not been complied with, you have a right to lodge a complaint with the Information Commissioner’s Office.

​

We reserve the right to refuse a request to delete a client’s personal information where this comprises therapy records. Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping.

​

​Cookie policy

A cookie is a small piece of data that a website stores on your device when you visit it and which is then read when you later revisit the site. 

​

Cookies are used to enable certain features such as to track site usage via analytics. Please note that some cookies are essential for the website to function properly and cannot be disabled. 

​

By clicking "Accept," you consent to the use of cookies. We use different types of cookies: Essential, Marketing, Performance, and Analytics cookies. 

​

Types of Cookies

Essential Cookies: These cookies enable core functionality such as security, verification of identity and network management. These cookies can’t be disabled.

​

Marketing Cookies: These cookies are used to track advertising effectiveness to provide a more relevant service and deliver better ads to suit your interests.

​

Functional Cookies: These cookies collect data to remember choices users make to improve and give a more personalised experience. 

​

Analytics Cookies: These cookies help us to understand how visitors interact with our website, discover errors and provide a better overall analytics.