This privacy notice makes clear how your personal data is collected, processed and stored securely to comply with the new GDPR law of 25th May 2018. It also covers your legal rights. This Privacy Notice is a live document and will be reviewed and updated as necessary
Confidentiality and your personal details
My Counselling Service is a confidential space for you. However, there are some legal and ethical limitations to confidentiality that we can discuss when we meet.
On enquiry or request of my service by telephone, email, text or via my website, you are agreeing to me holding confidential data about you.
Your data is only for the purposes of our therapeutic work together. It will be used to send information regarding your appointment, venue directions, my terms & conditions, payment arrangements and/or follow up information.
Your information is NOT shared with any third party nor used for any marketing purposes.
I ensure that:
- only data that is ‘absolutely necessary for the completion of duties’ is processed and stored.
- your data is processed lawfully and fairly and in a transparent manner.
- your data is accurate and kept up to date where necessary
- your data is secure.
- your data is kept as long as is necessary.
How is data collected?
Data is collected in the following ways:
Enquiries through my contact form via the web host PHD Interactive, trading as, WebHealer, are sent directly to me by email and then deleted by WebHealer from their system.
Online contact form – received by email to me only.
‘Find a Therapist’ online contact form – received by email to me only.
By Email, Mobile phone and Text – received only by myself.
Contact Form completed by yourself for administration purposes
How is data processed?
Your data is processed for the purpose of providing the counselling service required; what is absolutely necessary for administration purposes and to meet HRMC requirements –
Emails, Texts, Invoices
On enquiry or request of my service by telephone, email, text or via my website, you are agreeing to me holding confidential data about you. It will be used to send information regarding your appointment, venue directions, my terms & conditions, payment arrangements and/or follow up information.
Before we meet, I will send you a Contact Form requesting some personal information about you for administrative purposes.
During the counselling process, I will record dates of attendance, location of attendance and fees paid. I collect and process data you may choose to share, verbally or in writing, regarding your reasons for counselling and personal circumstances and this may include sensitive data.
Is your data shared?
I am required to attend clinical supervision on a regular basis. Your name and contact data is always protected. In addition, your data will only be shared if I am required by UK law to do so. For example, your involvement in drug trafficking, terrorism, child protection, money laundering, serious hard to a third party or a court order.
What data is stored?
Our emails, Contact Form information you have provided and my brief hand written notes made during and after counselling sessions for record keeping. Diary appointment entries are restricted to first name only.
How and where is it stored?
- electronic storage: I am protected by ESET Endpoint Encryption to ensure secure processing and storage of your data. This means that data that is collected and stored electronically is protected from malicious hacking attempts and unauthorised access. It is also protected by strong password and security software such as firewall. My website has been upgraded to SSL, which allows us to connect with each other via a secure connection.
- paper storage: Your data (Contact Form, is stored in a locked file.
Why is it stored?
I keep client data in secure storage because the information is required to provide the services professionally and to comply with HMRC requirements.
How long is it stored for?
The law states that data must be current, up to date, relevant and NOT kept longer than is absolutely necessary. I dispose of data when it is no longer required. However, for guidance, there are different categories of data which are stored, or retained, for different time periods:
a) Contact Form, fees paid via BACS, invoices – stored for 7 years for HMRC legal and auditing purposes – paper records and/or electronic.
b) Client and enquiry emails – stored for 6 months (encrypted).
c) Paper records which may include: reasons for counselling, client history, circumstances, health and sensitive information – stored for 6 months following our last contact.
d) Invoicing data – stored for 7 years for HMRC legal and auditing purposes, encrypted – electronic records; bank statements.
How is data disposed?
Paper data - disposed by shredding.
Electronic data - deleted.
- the right to erasure (the right to be forgotten).
- the right to ask what is stored and why it is stored.
Under the Data Protection Act 1998, GDPR 2018, you may request sight or removal of your details.
Links from my website to other websites - please be aware that I am not responsible for the policies, data protection, or security of these linked web sites.
Please note that use of the website contact form informs me of your IP address.
Any email, mobile, phone or internet (Skype) you may choose to communicate with me is subject to limits of confidentiality from providers.
I am the sole owner of Gennie Mockford Counselling Service. As such, I am both the data controller and data processor.
Please let me know if you have any concerns you may have with regard to the privacy of the information you provide.
Gennie Mockford Counselling Service
ICO (Information Commissioner's Office) Reference No: ZA435245