Privacy Policy
(please read in conjunction with client contract)
Secure Storage
With the client’s permission, I retain the following information: Name, date of birth, telephone number, email address, GP name and contact details, basic information about family background e.g. siblings, parents, partners, children. Your personal information is stored securely, in locked files. Your address and phone number etc, are stored separately from any session notes. Your phone number and email are stored in my password protected phone under your personal code. I make brief, handwritten notes of counselling sessions as an aide-memoire and for supervision purposes. These notes are kept under non-identifiable client code; in the case of letters/emails to third parties requested by clients, a copy is retained with any personal information securely redacted. They are retained for 6 years (as a requirement of my insurance) and are then securely destroyed. All your data is used in a safe and ethical manner in line with EU General Data Protection Regulations May 2018 (GDPR). It is not shared with other people without your consent.
Right to Access
You have a right to ask for a copy of your personal information, free of charge (for the first request), in electronic or paper format. You also have the right to ask me to amend or change any incorrect information about you. I reserve the right to charge for any subsequent requests for your personal information.
Right to be Forgotten
You have the right to ask me to erase any information that I hold about you. This includes your personal information that is no longer relevant to original purposes, or if you wish to withdraw consent. In all cases and when considering such requests, these rights are obligatory unless it is information that I have a legal obligation to retain (e.g. for clients aged under 18 years).
Data portability
As the client, you have the right to receive your personal information which you previously provided. You also have the right to transfer that information to another party. For the purposes of the GDPR 2018, the ‘data controller’ is Nikki Della-Rocca of Nikki Counselling – sole trader.