Effective Date: June 2026

I am committed to protecting your privacy and handling your personal information with care, confidentiality and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

I’m registered with the British Association for Counselling and Psychotherapy and National Association for Counsellors and Psychotherapists and my record-keeping follows their Ethical Frameworks.

What information I collect

I may collect:

  • Your name, address, email address and telephone number
  • Emergency contact details
  • GP details (where appropriate)
  • Information you provide during your enquiry
  • Session notes
  • Payment information
  • Any information necessary to provide counselling or clinical supervision safely and effectively

How I use your information

Your information is used to:

  • Respond to your enquiry
  • Arrange appointments
  • Provide counselling or clinical supervision
  • Maintain appropriate clinical records
  • Process payments
  • Meet legal, ethical and professional obligations

I will only collect information that is necessary for these purposes.

Confidentiality

Everything discussed during counselling or supervision is treated as confidential.

However, confidentiality may need to be broken if:

  • There is a serious risk of harm to you or someone else.
  • There are safeguarding concerns involving a child or vulnerable adult.
  • Disclosure is required by law or court order.
  • I am required to comply with professional or legal obligations.

Where possible, I will always aim to discuss this with you first.

Clinical Notes

I keep brief, factual and secure clinical notes in accordance with professional standards.

These records are stored securely and only accessed when necessary.

Lawful Basis for Processing

I process your personal information under the lawful bases of:

  • Contract (to provide counselling or supervision)
  • Legitimate Interests
  • Legal Obligation (where applicable)

Where special category health data is processed, this is done in accordance with Article 9 UK GDPR.

How your information is stored

Your information is stored securely using password-protected electronic systems and/or locked filing systems.

I take reasonable steps to protect your information against loss, misuse or unauthorised access.

How long I keep your information

Client records are usually retained for seven years after counselling or supervision ends (or longer where required by insurers, safeguarding guidance or legal obligations). After this period they are securely destroyed.

Sharing your information

I will never sell your personal information.

Information will only be shared where:

  • You have given your consent.
  • It is required by law.
  • There is a safeguarding concern.
  • It is necessary to prevent serious harm.

Your Rights

Under UK GDPR you have the right to:

  • Access your personal information.
  • Request correction of inaccurate information.
  • Request erasure where appropriate.
  • Restrict processing in certain circumstances.
  • Object to processing.
  • Lodge a complaint with the Information Commissioner’s Office (ICO).

Contact

If you have any questions about this Privacy Policy or how your information is handled, please contact me directly.

If you remain unhappy with how your information has been handled, you have the right to complain to the Information Commissioner’s Office.

Third-Party Services

I provide counselling and clinical supervision exclusively online using Zoom.

Zoom processes certain personal data (such as your name, email address, IP address and technical information) to facilitate video sessions. Zoom has its own Privacy Policy which explains how your information is processed and protected.

Whilst Zoom uses industry-standard encryption and security measures, no online platform can guarantee absolute security. By engaging in online counselling or supervision, you acknowledge and accept the inherent risks associated with internet-based communication.

I recommend that you:

  • Attend sessions in a private, confidential space.
  • Use a secure internet connection where possible.
  • Protect your own device with passwords and up-to-date security software.
  • Avoid recording sessions unless we have agreed this in advance.
  • Where I use secure electronic systems for email communication or record keeping, these providers process your information only as necessary to provide their services and are required to comply with applicable data protection legislation.

Data Breaches

In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, I will act promptly in accordance with UK GDPR requirements. This may include notifying the Information Commissioner’s Office (ICO) and, where appropriate, informing you without undue delay.

Changes to this Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in legislation, professional guidance or the way I provide my services. The most recent version will always be available upon request or on my website, where applicable.