This notice describes what personal data I collect from you and how I store and process it as part of the counselling and psychotherapy services provided byJamie Styler Psychotherapy and Counselling. In the course of my practice I will collect, process and store personal data as a data controller.
I would like to reassure you that I adhere to all laws and procedures relating to the General Data Protection Regulation (EU) 2016/679 (GDPR), UK GDPR, DataProtection Act 2018 or other applicable data protection legislation and will only use your personal data to provide you with the specific service or services you explicitly agree to.
I am registered with the Information Commissioner’s Office (ICO) under registration reference ZB318192.
A. YOUR RIGHTS
(a) the right to access: You may request a copy of your clinical file for free at any time by emailing me. Your records are identifiable, retrievable and intelligible as per applicable data protection requirements. I will comply within 30 days.
(b) the right to rectification: You may update any of the information I hold for you at any time. I will amend them immediately.
(c) the right to erasure: You may request that I erase your data.I will comply within 30 days unless I cannot for legal reasons.
(d) the right to restrict processing: You may request that I restrict how I process your data. I will comply within 30 days unless we cannot for legal reasons.
(e) the right to object to processing: You may object to me processing your data. I will comply within 30 days unless I cannot for legal reasons.
(f) the right to data portability: Your data is retrievable and may be able to be moved if necessary.
(g) the right to complain to a supervisory authority: If you believe I have contravened applicable data protection legislation, you may contact the ICO.
(h) the right to withdraw consent: You may withdraw your consent for me to hold your information. I will comply immediately unless I cannot for legal reasons.
B. DATA COLLECTION, PROCESSING & LEGAL BASIS
Below I have set out the categories of personal data and sensitive personal data (such as your genetic data or ethnic origin) I collect and how I process the data:
(a) I will hold your contact information such as name, email address, telephone number, home address as well as your emergency contact’s details (“Contact Information”) which I will use to provide my services and communicate either with you or your emergency contact in a secure manner.
(b) I may hold certain financial information of yours, such as debit or credit card details, in order for me to receive payment in exchange for providing my services to you.
(c) a record of any correspondence or communication between you and myself which I will use to provide my services and communicate with you.
I will process the Contact Information on the basis that you have consented to it (for one or more specific purposes),where the processing is necessary for me to comply with my obligations under a contract with you.
Communication Information will be processed on the basis of my legitimate interests (in providing our services to you).
In addition to the above, all information may also be processed on the basis that it is necessary to comply with a legal obligation to which I am subject.
Generally, I will collect information directly from you. If for any reason, I obtain your personal data from any other third party your privacy rights under this notice are not affected and you are still able to exercise the rights contained within this notice.
You do not have to supply any personal data to me however in practice I would be unable to provide my services to you without personal data (for instance I will need contact information in order to communicate with you). You may withdraw our authority to process your personal data (or request that I restrict my processing) at any time but there are circumstances in which I may need to continue to process personal data (please see below).
Cookies and logs
JAMIE STYLER (the website) collects information related to your use of our website using cookies and log information.
Log information may include web requests, Internet Protocol address, operating system, browser type, browser language, date and time of your request, and cookies that may uniquely identify your browser. JAMIE STYLER uses this information to enhance the functionality of the website and to make your access more convenient, secure, and efficient.
JAMIE STYLER also uses information gathered from logs and cookies to monitor website performance; improve website design, functionality, and security; and assemble web analytics and activity trends. JAMIE STYLER retains such information for as long as reasonably required for business purposes or as reasonably required to comply with our legal obligations.
JAMIE STYLER may disclose personal information where:
• required by law or by an order or requirement of a court, administrative agency, or other government entity, or by court rules concerning the production of records;
• JAMIE STYLER has reasonable grounds to believe that use or disclosure is necessary to protect the rights, privacy, property, or safety of our users or other people;
• JAMIE STYLER has reasonable grounds to believe that the information relates to the breach of an agreement or violation of the law that has been, is being, or is about to be committed;
• it is necessary for fraud protection, risk reduction, or the establishment or collection of funds owed to us;• it is necessary to enforce or apply our legal agreements, to pursue remedies, or to limit damages to JAMIE STYLER;
• the information is public;
• you have provided consent or with your direction; or
• other reasons allow it or other laws require it.
When we are required or permitted to disclose information, we will not disclose more information than is necessary to fulfil the disclosure purpose.JAMIE STYLER may disclose aggregate or statistical information to our business partners, for public relations purposes, or other purposes.
‘Do Not Track’ notifications.
Some browsers allow you to automatically notify websites you visit not to track you using a “Do Not Track” signal. There is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, we currently do not alter our practices when we receive a “Do Not Track” signal from a visitor’s browser.To find out more about “Do Not Track,” you may wish to visit www.ico.org.uk
C. DISCLOSURE, DATA STORAGE & RETENTION
Who has access to your personal data?
I do not disclose any information you provide to any third parties other than as follows:
(a) I may consult with other professionals involved in your treatment only with your explicit signed consent.
(b) If I believe you or another person is at risk of being harmed, any decision to break confidentiality would not be taken lightly. I will usually consult with a clinical supervisor and where possible, advise you as well.
(c) I may discuss our work in a general way with the clinical supervisor and supervision group in order to maintain high standards of practice.
(d) Your name may be contained in financial records and our online diary. It is possible that third parties may have access to those records, for example, an accountant, tax adviser, legal adviser or administrative assistant.
(e) if I am under a duty to disclose or share your personal data in order to comply with any legal obligation (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime);
(f) as necessary in order to protect both mine and your rights, property and safety (for instance in relation to fraud protection).
How and how long is your personal data stored for?
All personal information is kept on a secure online platform (bac-pac.co.uk) This platform complies with the GDPR requirements for safe storage of personal, sensitive information.
“Mayden the parent company behind bacpac has over a decade of experience handling confidential patient data. We have reviewed our procedures and policies in the light of the GDPR and the necessary steps to comply with the new measures. Mayden is ISO27001:2013 accredited. This internationally recognised information security management standard ensures that a business has stringent processes in place to ensure data confidentiality and to identify, manage and reduce risks to information security.”
I keep notes about you after each session, these are brief and factual and do not contain personal opinions, diagnosis or hypotheses. Notes and personal details are kept for a period of seven years after our final contact, after this time all your details and information will be deleted securely.Any hand written paperwork will be destroyed once the details have been uploaded onto the online platform.
Any hand written forms that I retain will be kept in a locked filling cabinet at my home.
Please help me keep your data up to date and accurate by letting me know of any changes in your personal information.
Please tick one box and enter your details below.