At Restore, your privacy and confidentiality are the highest priority when collecting and storing information. This privacy notice explains how I use and store your data and meet GDPR obligations.
Who I am
Data Controllers: Restore / Indaba Counselling
I will collect ‘personal data’ and ask for your name, contact details, GP’s contact and medication you are on, an emergency contact. This is so that I can contact you if necessary, and also to comply with the regulations of my professional bodies and insurance company. I am required to show the ICO that I have a lawful basis on which I use this information, and the most appropriate is ‘legitimate interest’ for personable (article 6) and special category data (article 9). More details are available at link for ICO – legitimate interests
I make brief session notes which are coded and stored separately from your personal information.
I will keep your data for the duration of our work together and then securely dispose of information after 7 years.
Your information is confidential and the only exceptions may be when there is a serious risk to yourself or others; when I am legally obliged; or when I have your written consent. I have monthly supervision to check my practice but my supervisor is equally bound by the same limits of confidentiality.
You are entitled to be informed about what information I hold about you and at any time you can request to access this. You can request to have incorrect information rectified. You may request to have your records erased. The same applies to restricting processing. You can request data portability of your notes to another therapist. You may object to the processing of your data These rights may be declined, as in defence of legal claims I may be unable to do so citing the lawful basis of legitimate interests.