No spaces available currently for new clients

Tracy's Counselling Service
  • Home - services
  • Counselling Supervision
  • Online Counselling
  • About me
  • My responsibility to you
  • My Blog
  • Use of Cookies
  • More
    • Home - services
    • Counselling Supervision
    • Online Counselling
    • About me
    • My responsibility to you
    • My Blog
    • Use of Cookies
Tracy's Counselling Service
  • Home - services
  • Counselling Supervision
  • Online Counselling
  • About me
  • My responsibility to you
  • My Blog
  • Use of Cookies

Privacy Policy

This policy is in line with UK legislation and guidance for Data Protection. 

I am unable to provide counselling services to individuals outside of the UK; to ensure I am working to the legal framework at all times. 

The law requires me to tell you about your rights and my obligations to you in regards to the processing and control of your personal data. I do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org

I am registered with the Information Commissioner's Office (ICO) as the Data Controller for Tracy’s Counselling Service. Reference number:  ZA550738

If you are unhappy with any aspect around how I handle your information, then you can raise this with the ICO and/or the BACP. My BACP registration number is 379281. 

This can be done at https://ico.org.uk/concerns/and https://www.bacp.co.uk/about-us/protecting-the-public/professional-conduct/how-to-complain-about-a-bacp-member/

 

The lawful bases for processing personal data are set out in Article 6 of the UK GDPR and are embedded within the DPA 2018.

It is my responsibility to be transparent with clients about which bases may apply and the law demands that at least one of these must apply whenever I process personal data. 

The 6 bases are: 

(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.

(c) Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).

(d) Vital interests: the processing is necessary to protect someone’s life.

(e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.

(f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data, which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)


HOW THIS APPLIES TO YOU:

(A) Consent: Under the UK GDPR regulations, you have to give me explicit consent to collect your personal data; such as your name, address, email, mobile number and date of birth. I require this information to carry out my work and to enable us to form a contract from which to work together. When you respond to my website by sending a message, you are providing consent for GoDaddy website host, to send this to me. I will then clarify and seek explicit consent to gather more information, when I respond to you. This process is embedded in the counselling agreement form that you will be asked to sign electronically, using the software within WriteUpp Practice Management System. I also gather consent when contracting with you about contact in between sessions for the purposes of providing information about appointments such as reminders, confirmation and/or changes that may be needed.

This also applies to consent for inclusion in my client list, that is shared with Make My Clinical Will in the event of my death; or if I were to become incapacitated while we are working together. 

This also provides consent for your data to be held  in a secure 'cloud' within WriteUpp, while our work together is active and then stored securely by Make Your Clinical Will when this is activated, to ensure notes are held for the required 7 years from the final session. This is the recommended time my Insurer 'Howden' now recommends; in case a complaint against Tracy Paine/Tracys Counselling Service. 

Information about WriteUpp can be accessed here: 

https://www.writeupp.com/ and their privacy policy can be accessed here:  

https://www.writeupp.com/privacy

Information about my Clinical Will service can be found here:  

https://makeyourclinicalwill.com/

https://makeyourclinicalwill.com/privacy-policy/


You may withdraw your consent at any time by writing to me at my registered office or by e-mail at tpaine19@protonmail.com If you do so, I shall not be able to provide my services further.


(B) Contract: Information I collect from you is for the purpose of providing a service and developing a contract, so base B applies here. I only request the minimum I need to work safely and ethically. When I am collecting this, I do this over the phone initially, using your personal number provided, using my business phone, which is for my sole use and is secured with my PIN and face recognition software. As noted above the formal contracting takes place using WriteUpp Practice Management System software. It is important that you consider your privacy prior to agreeing to share information with me in this way. If there is anything you feel is of a sensitive nature, then you can indicate you would prefer to share this at the assessment session. Where we have communications outside of WriteUpp, I use an encrypted email service (Protonmail) to ensure that any information recorded by you and received by me electronically is held securely. This is detailed within the client agreement forms in more detail depending on the nature of the service being provided.

NB: Bases C, D, E and F may become applicable if there was a need to breach confidentiality depending on the nature of the concern. I would need to ensure these applied to enable confidentiality to be broken. 

https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/lawful-basis/a-guide-to-lawful-basis/


Data storage: 

I am required to store it for a period of time after our work has terminated, in case of complaints or legal issues. This is in line with guidance from my Insurer Howden and from the BACP. Information will be held for 7yrs. Once this is no longer required it can then be destroyed as confidential waste by shredding this electronically. Any downloads of the assessment paperwork on my designated work laptop are shredded using MacAfee virus guard, once I have printed these off if needed for use. My laptop and work phone are only used by me and these are password protected and face recognition software is used to protect privacy.

Your personal data and summarises of our sessions will be held securely on my WriteUpp cloud.

All my electronic devices are password protected, as is my Signal account, and security and virus software is updated on a regular basis. For online webcam meetings Zoom platform is used as this provides the best level of security for our privacy.


Social Media:

I am unable to reply to any ‘friends’ requests from clients or follow you, in order to protect us both, keeping our work boundaries and confidentiality secure.


Information relating to your method of payment:

The preferred method of payment for all my counselling services and supervision is using bank transfer to my business account, where your name will be visible in my statements and accounts: which include my QuickBooks account managed by my accountant. 

Alternatively we can use PayPal, this ensures I do not access your debit or credit card details directly; but again PayPal will hold and share some personal information to enable payment to be made. Please ensure you read and are happy with PayPal’s privacy policy on their website if this will be the method used. 


Website use:

My website is hosted by Go Daddy and requests from your web browser may be recorded by that hosting service. Essential cookies are used on this website to make the browsing experience positive. Go Daddy also use cookies to provide me with information on how much traffic is passing through my website, but is not obtaining any personal information. When using the website to send an inquiry you can be reassured that this is a secure website, with encryption to protect your information being sent to me. The email service I use, which receives your message (ProtonMail) is a secure email provider. Please also see the page on cookies for more information. 


Access to your personal information:

This can be requested by contacting me using the secure Proton Mail account tpaine19@protonmail.com 



My Memberships

Copyright © 2020 Tracy's Counselling Service - All Rights Reserved. 

Images used on my website are taken from Unsplash. Blog: Time to Talk: image by Steven Coffey, Power of a smile: image by Thiebaud Faix.

  • Privacy Policy

Powered by GoDaddy Website Builder

Cookie Policy

This website uses cookies to ensure a positive experience when using this website and to track this websites performance. Please review the section on my website in the privacy policy for more information. By continuing to use this site, you accept our use of cookies. Privacy Policy 

DeclineAccept & Close