top of page

Privacy Policy & GDPR

This document will help you understand how I collect, use and protect your personal information.

 

In line with the Independent Commissioners' Office (ICO), the data controller is Emma Croft: ICO Certificate Number: 00018108871

 

We, 'Croft Counselling', are committed to ensuring that all data collected over the course of Counselling is necessary and protected in accordance with GDPR legislation.  Therefore, our privacy policy statement is as follows:

What information do I request?

I request personal information such as name, address, date of birth, GP/medical practitioner details, telephone numbers and email address.  I may also request data that relates to personal and family background that could be more sensitive when associated with physical and mental health conditions.

 

What do I use your information for?

  • I use the information requested or provided to guide the most appropriate intervention or therapy that is mutually agreed through case formulation and an evidence-based treatment plan. 

  • I may use emails, address or phone number to amend appointments, and I will always use your preferred method of contact whenever possible. 

  • I may need to use your information to fulfil any administrative, legal, ethical and contractual obligations as guided by my registered governing bodies.

 

Sharing of information between therapist & client during therapy

 

  • Voicemails such as enquiries will be deleted as soon as they have been listened to and any follow-up action taken, such as call-backs.  This service needs to be mindful of my other work commitments and may not always be immediate, but it should be within 24 hours.

  • Preferred methods of communication such as text, phone, email or other apps will be agreed in advance, normally at the start of therapy. 

  • All Email communications shall include password-protected attachments if they are included.

 

What information do I share?

 

I will NOT share information about you with any other organisations or people, EXCEPT in the following situations:

 

  • Consent – I may share information with relevant medical professionals or others whom you have agreed to share certain information.

  • Serious Harm – I may share your information with any relevant authority if I have reason to believe that this may prevent serious harm happening to you or another person.

  • Compliance with Law – I may share information when the law requires me to, such as safeguarding, terrorism, drug offences and/or serious crime.

  • Supervision – It is an ethical requirement for any clinician offering psychological services to have regular supervision.  Any supervisor used is an accredited member of the relevant accrediting body and works within their ethical framework.  No personal information is shared, and all clients’ personal identifiers are removed or withheld.

 

How do I keep your information safe?

 

All information you provide to me is stored as securely as possible.

 

  • I will take all reasonable precautions to prevent loss, misuse or alteration of information given.

  • All paper forms and correspondence are kept in locked filing cabinets.

  • All electronic files are kept on password-protected devices with virus protection software.

  • All formal reports are password protected.

  • Whilst I do my utmost to keep my systems and communications protected against viruses and other harmful effects, I cannot guarantee that all communications are indeed virus-free. 

  • Client notes and other documentation are destroyed 7 years after the end of the psychological services offered.

  • Any known data breaches will be reported to the ICO within 72 hours.

  • Any requests for personal data need to be made through a data subject access request and will be supplied within one month.

  • My website, www.croftcounselling.co.uk, is maintained by Wix. Your details are not stored on their systems for any contact requests made through them.

Data Protection Complaints Process

We are committed to handling your personal information with care and transparency. If you have any concerns about how your data is being managed, please contact us directly at contact@croftcounselling.co.uk with the subject line "Data Protection Complaint." We take all such matters seriously and will acknowledge your complaint within 30 days of receipt. We will investigate your concerns and provide a response regarding the outcome without undue delay. Should you remain dissatisfied with our response, you have the right to lodge a formal complaint with the Information Commissioner’s Office (ICO).

Your Rights

Under the GDPR, you have the right to:

 

  • Access your personal data - Rectify, erase or restrict your data - Object to the processing of your data - Request transfer of data (data portability).

  • You may withdraw your consent for me to hold and process your data at any time. However, if you do this while actively receiving psychological services, the services would have to end. You can withdraw your consent by stating this on an email to contact@croftcounselling.co.uk

  • If you have any concerns about the way I handle your data, please contact contact@croftcounselling.co.uk. If you feel this has not been resolved effectively, you have the right to contact the Information Commissioner's Office (www.ico.org.uk


Changes to this policy

 

We reserve the right to make changes to this Privacy Policy at any time, and if you are in therapy with Croft Counselling, we will send you notice of this via your agreed method of contact.

bottom of page