Privacy Policy
This policy is relevant to you if you are a client or potential client of Taff Trail Therapy and will inform you about what data is kept and how it is stored. If you are a website visitor it will inform you about how the website collects, uses, discloses, and manages the data of its visitors.
GDPR
The General Data Protection Regulation (GDPR) is a European Union (EU) law that protects the privacy and security of individuals' personal data. It was written by the European Parliament and Council of the European Union and came into effect on May 25, 2018. This is increasingly relevant with the advancement of digital technology.
‘Data Controller’ is the term described as the person or organisation that collects, stores and has responsibility for people’s personal data. In this instance the data controller is Lowri Smith.
Contact Details for the Data Controller can be found here:
-
Name: Lowri Smith
-
Phone Number: 07494840967
-
Email: tafftrailtherapy@gmail.com
You can also read more about your rights at ico.or.uk/your-data-matters
Clients and Potential Clients
The role of GDPR is to ensure that all personal and sensitive data is kept confidential. This term is described as ‘special category personal information’. The lawful basis for processing any special categories of personal information is that it is for provision of health treatment (in this case counselling and psychotherapy) and necessary for a contract with a health professional (in this case, a contract between the therapist and the client).
As a member of the British Association of Psychotherapist and Counsellors (BACP) this service will protect the privacy and confidentiality of clients.
It will also be discussed within the Counselling Information Sheet and Initial Contracting stages of counselling when might confidentiality need to be broken. This will be for the sole purpose of protecting the client (yourself) or others from serious harm, including safeguarding, or when legally required or authorised to disclose information. Where possible, this will be discussed with you before sharing information.
Personal Data Collection
Current collection of personal data is as follows:
-
Name
-
Address
-
Contact Details
-
GP Information
-
Next of Kin Details
-
Gender
-
Pronouns
-
Dependants
-
Medication
Website Visitors
How this information is collected
Information is collected directly from the client, this is collected either through email, self-referral through the website (including Counselling Directory, Psychology Today and BACP), in person or over the phone.
Data is collected for the following reasons:
-
To provide my services of remote sessions
-
To contact you in the need to reschedule sessions
-
To contact your GP or Support contact in cases where further support is needed -instances of being at immediate harm, terrorism or abuse.
Your information will only be shared in the cases outlined – in emergencies, and where possible with your permission.
In line with the General Data Protection Regulation (GDPR), you also have the right to request that information about you is erased, which will be completed to the furthest extent possible. Allowing that some personal information about you be kept, to ensure that I am compliant with any legal requirements, or for the purposes of public safety or my own internal complaints processes.
However, I keep minimal information about clients to carry out my work. I conduct regular audits of the data I collect and routinely delete emails, email addresses, information stored via my website (through Wix.com) and text messages.
Once counselling has ended your contact records, client form, and notes taken for professional membership body standards & Insurance purposes will be kept for six years
from the end of our contact with each other and are then securely destroyed.
If you want me to delete your contact details sooner than this, please communicate this.
Sharing of Personal Information
Storing of Personal Data
As a registered member of the BACP, I will abide by the Ethical Framework which states that therapists and counsellors store anonymised notes which are kept in a private, password protected file. Anonymised notes are kept for supervision and auditing processes which in line with the BACP Good practise Guidelines.
Information shared is strictly confidential. The only time this will be broken is if there is a risk of harming yourself or others or committing an unlawful act or crime. This follows the following acts: The Terrorism Act 2000; Drug Trafficking Act 1994, Proceeds of Crime Act 2002 or the Money Laundering Regulations 2007; Road Traffic Act 1991; the Children Act 1989; the Serious Crime Act 2007, and the Female Genital Mutilation Act 2003. I will, where possible share my concerns with you before taking necessary action.
In addition, if I am audited or asked for evidence when completing tax returns, my bank statements are likely to be requested. This would also mean your bank details, account name, payment, reference will be shared. This will however be protected by the banks GDPR policies.
Every effort is made to keep your personal data safe and secure.
Website: The website is hosted on Wix.com platform. If you have used the contact box to get in touch, your data will be stored through Wix.com’s data application and storage. This information is stored on secure data servers with a firewall.
Email: The majority of communication will be set via Google Mail. This will be to setup, reschedule or send follow up sessions. On the occasions where confidential information needs to be shared, a ‘confidential mode’ can be used (which is password protected and will expired after five years). If, for some reason confidential mode has not been used, all emails are routinely deleted from sent, inbox and bin folders.
Phone: If communication is completed over the phone, clients’ initials (rather than full name) and telephone will be stored on a working mobile device. The mobile device will be locked by password.
Google Meet – For Virtual/Online sessions Google Meet will be used. Google states that information is encrypted and does not store video, audio or chat data (unless users initiates a recording during the sessions) More information about Google and their privacy policies can be found here.
Anonymised Case Notes: All case notes will be kept on a password protected laptop, within a password protected file. If you would like a copy of your client notes, please contact me via email.
Please note: in the event on my death or sudden injury, your contact details will be shared with my supervisor to communicate the end of our sessions, and to explore alternative provisions.
Wix is a Data processor for the current site-visitor’s data. This means that wix will only collect, and store information following my request (the Data Controller). Wix will therefore not process visitor information for their own benefit. For more information on this please, please click here.
Information on Wix and Google Analytics will be used a third-party service to collect standard internet information, to explore behaviour patterns. This is to understand the number of visitors to the page. This information is processed anonymously and does not identify any personal information. It is important to note, that I do not allow Wix or Google to make, store or find out the identities of visitors to the website. The purpose of using Google Analytics is to improve the service and marketing of my service.
To opt out of being tracked by Google Analytics across all websites, please visit this link:
http://tools.google.com/dlpage/gaoptout.
Like most websites, Wix also uses Cookies to help it run smoothly. Will be given the option to opt in or out when entering the site. No personal data information is collected by myself when doing so.
I reserve the right to correct, amend and modify this privacy policy at any time.
If you have any concerns about how your data is stored, please use the contact details at the top of this page for any queries or complaints.
Sessions available
Currently taking bookings on:
- Mon & Wed | in-person and online sessions
- Tues & Thurs | outdoor and online sessions