If you visit my home studio, I now have CCTV installed for the sole purpose of home security, and anyone visiting will appear on that video.
The images are solely for the security of my home and only at the time of a break in or theft would any images, that relate to a crime, be shared with police or insurance companies as needed.
General Data Protection Regulations (GDPR), 2018 explained
GDPR replaces the 1998 Data Protection Act, to ensure your personal and sensitive, confidential data is kept private and held securely, being processed in the way that you have agreed to. It is there to protect your rights as a consumer of a service or product that might involve your identifiable data, e.g., your name and address or whether you have a specific condition. It also covers things like any session records, text messages or emails we exchange. I will need to gather certain information when you become a therapy client and these statements and policies are here to assure you regarding how your personal data will be safely stored.
Treating those considered minors - under the age of 16
A child is considered a minor until they turn 16 and I would need a parent or guardian to be in each session and to provide consent so that I can work with the young person. I hold an enhanced DBS so that I can work with young people. If you are classed as a child or minor, I must hold your data until your 25th birthday, unless you are 17 when treatment ends and then I must keep it until your 26th birthday.
What information do I collect from you?
When you become a client, I will need to collect information about why you are using the service, which can cover your health and information about your important others, alongside brief session notes. This information enables me to provide a high-quality service to you, ensuring I am equipped with the knowledge of our previous discussions prior to each session. Your contact details/address and Doctors details will only be used with your explicit consent or in an emergency as part of my duty of care.
When you subscribe to my online newsletter, I will collect certain basic information that allows me to stay in touch with you – usually your Email and first name. You can unsubscribe at any time from my newsletter/mailing list.
I may also collect information from you when you choose to provide feedback, complete customer surveys, or contact me via my website, my phone, through social media or by email.
How long will you hold my information for?
I am regulated by the NCH, an organisation that stipulates I must hold your data for 8 years after your final session. Unless you are a child, in which case I must hold your data until your 25th birthday, unless you are 17 when treatment ends and then I must keep it until your 26th birthday. Therefore, all records will be deleted in the January after the above retention scales. This is also in line with my insurance company guidelines and with the NHS regulations for holding data.
What if I do not want my records to be held for that long?
Under GDPR you do not have the right to ‘erasure’ before the end of the required retention term. However, you do have the right to have your documents anonymised. You can make this request by writing to me. I would have to save the letter of request for anonymity for my insurance company’s legal team and tax purposes. All your details would be recorded with a pseudonym or initial to prevent any identifying details. Please understand that I will be holding very minimal information.
How is the information stored, processed, and kept?
All records are stored, processed, and kept securely whether on paper or electronically. It is imperative to me, and I ensure your information is secure. Suitable physical, electronic, and administrative procedures are put in place to safeguard and ensure the safety of your information.
Any records I keep are stored in a locked, undefined cabinet within my locked home – once information is not required it is destroyed.
Is what we discuss kept confidential?
Everything we talk about during our sessions is strictly confidential between you and me. To ensure I am doing my job effectively and that I have the right support, I may discuss elements of our sessions with my supervisor. During these discussions I do not disclose any details that may identify you to my supervisor, and my supervisor also adheres to the GDPR.
What if I see you outside of the session?
If we see each other outside of a session I will smile but will not engage in any further conversation to ensure your confidentiality. You are welcome to share with other people about the therapy you are receiving, but I am obligated by GDPR law to ensure your confidentiality is protected. I would request that in order to ensure the success of your treatment, that you refrain from discussing your treatment with me outside of your sessions.
What about other Health and Social Care Professionals?
As I adhere to the GDPR any contact, relating to you, with other health care professionals would only be made with your signed consent. E.g., If I were to write to your GP to notify them of your treatment with me, and then notify them of the treatment ending, I would only do this if you gave prior consent.
To safeguard you and the people around you, if you were to disclose that you were going to carry out harm to yourself or someone else, then under my “Duty of Care” I am obligated by law to inform the relevant authorities. This is to support you to live well, and I would always aim to discuss this with you prior to contacting anyone. Secondly, If I was issued with a police warrant or court order for your information, by law I would also have to provide them with your information. Again, please be aware that the information I hold is minimal.
Do you pass on my personal details?
When sending enquiries through my Wix website contact form, via social media messaging facilities or sent directly to my Gmail or.co.uk email address cannot be guaranteed to be absolutely secure and are subject to the privacy policies of these third-party organisations. When needing to communicate sensitive information, or your enquiry is of a sensitive nature, it may be better to arrange a time to speak to me on the phone.
I will not share your details or information for marketing purposes with external companies.
The information that is collected may be used to analyse trends or view my progress. Therefore, allowing me to monitor and improve the quality of care and communication I provide. Where possible I will always aim to analyse information from anonymised information.
At times I will require support or additional training from a third party, and they may need access to electronic devices to assist in running my website, email, and social media accounts. My support providers do not access or use client data for any other purpose, and this is an essential service.
You can ask me not to send communications using the details that I hold in my records, and this may include your email, postal address, phone, and SMS. You can request that I restrict my communications to only when necessary from a clinical perspective. Your personal preferences can be changed at any time by using the link at the end of every email I send or by using my contact details below.
Cookies, log files and web beacons
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
None of these items can give us access to your computer or to your personal information.
You can set your browser to not accept cookies, however, this can affect some of the features in my website.
How to contact me
Post – 16, Moreland Close, Alton Hampshire, Gu34 2SA
For further information, advice, or complaints
You may contact the Information Commissioner’s Office – hhtps://ico.org.uk/concerns/
The information provided by Sue’s Solutions Hypnotherapy (“we,” “us” or “our”) on (the “Site”) [and our mobile application] is for general informational purposes only. All information on the Site [and our mobile application] is provided in good faith, however we make no representation or warranty of any kind, express or implied, regarding the accuracy, adequacy, validity, reliability, availability, or completeness of any information on the Site [or our mobile application].
Under no circumstance shall we have any liability to you for any loss or damage of any kind incurred as a result of the use of the site [or our mobile application] or reliance on any information provided on the site [and our mobile application]. Your use of the site [and our mobile application] and your reliance on any information on the site [and our mobile application] is solely at your own risk.
EXTERNAL LINKS DISCLAIMER FOR WEBSITE
The Site may contain (or you may be sent through the Site links to other websites or content belonging to or originating from third parties or links to websites and features in banners or other advertising. Such external links are not investigated, monitored, or checked for accuracy, adequacy, validity, reliability, availability, or completeness by us.
We do not warrant, endorse, guarantee, or assume responsibility for the accuracy or reliability of any information offered by third-party websites linked through the site or any website or feature linked in any banner or other advertising. We will not be a party to or in any way be responsible for monitoring any transaction between you and third-party providers of products or services.
PROFESSIONAL DISCLAIMER FOR WEBSITE
The information contained in this website is provided for general informational and educational purposes only and is not a substitute for professional advice.
Accordingly, before taking any actions based upon such information, we encourage you to consult with the appropriate professionals. We do not provide any kind of advice. The use or reliance of any information contained on this site is solely at your own risk.
TESTIMONIALS DISCLAIMER FOR WEBSITE
The Site may contain testimonials by users of our products and/or services. These testimonials reflect the real-life experiences and opinions of such users. However, the experiences are personal to those specific users, and may not necessarily be representative of all users of our products and/or services. We do not claim, and you should not assume, that all users will have the same experiences. Your individual results may vary.
Every effort is made to keep the website up and running smoothly. We take no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond my control.