The General Protection Data Regulation (GDPR)

 

S.M.I.L.E Counselling GDPR Privacy Policy

The General Protection Data Regulation (GDPR) sets requirements to those who have a day-to-day responsibility for the protection of data. It also makes it easier for people to control how their data is used.

What information will S.M.I.L.E Counselling hold and how will it be used?

During our initial consultation, We will ask you for your name, date of birth, contact details and GP information.

We may also require background information regarding your medical history and current medications in order to ensure we are able to work with you ethically. Without this information, we will not be able to take you on as a client.

Any information collected for counselling sessions will be held in the strictest confidence. No personal details will be passed on to external parties unless ordered by the courts, or if we have reason to believe you are a serious risk to yourself or others.

In certain situations we are not obligated to inform you we are passing on your personal information (e.g. if there is a child protection issue or you are a harm to yourself or others).

We may use some information for collating statistics for our organisation but no personal information will be divulged.

Client cases will be discussed at our monthly supervision meeting with our clinical supervisor, which we are required to do to ensure we are carrying out the best practice possible, and that the standards of our professional and regulatory body (BACP) is being met. However, identifiable information such as your full name or date of birth will not be given.

How is my data kept and how long is it kept for?

In order to remember specific details important to you and your therapy we will take notes at the end of every session. Any written records will be locked away when not in use, and those held on computer will be password protected.

Client data is not kept for longer than necessary.

If you send an enquiry by phone or email but decide not to become a client, you have the “Right to be Forgotten” and ask us to delete any data I have for you. You cannot request for certain data to be deleted if you are a current client or have been in the last 7 years, as we are required to keep this in line with our registered bodies’ guidelines (i.e. case notes). However, you are entitled to view your data to ensure it is accurate and up-to-date.

What happens if my data is lost or stolen?

In the unlikely event that personal data is breached, the Information Commissioner’s Office (ICO) will be notified within 72 hours and the relevant individual(s) will be notified. Action will then be taken by S.M.I.L.E Counselling to ensure the breach does not happen again.