Privacy Notice (May 2018)
New laws relating to General Data Protection Regulation (GDPR) come into effect from 25 May 2018. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries. This document sets out how Glamorgan Psychotherapy complies with these laws.
Data Control
Andrea Davies is the data controller for Glamorgan Psychotherapy.
What personal data we process
Glamorgan Psychotherapy processes the following personal data from clients:
If you are referred by your health insurance provider, we will also collect and process personal data provided by that organisation. This includes basic contact information, referral information, and health insurance policy number and authorisation for psychological treatment.
The lawful basis for processing personal data
Glamorgan Psychotherapy has a legitimate interest in using the personal data and sensitive personal data we collect to provide health care and treatment. The data collected is necessary for us to provide psychological therapy to clients.
We may also ask for information on how you found our service for the purpose of our own marketing research. No information you provide is passed on without your consent. We will never sell your information to others.
What we do with your personal information
At Glamorgan Psychotherapy we take your privacy seriously. We will only use your personal information to provide the services you have requested from us.
If you do not provide the personal information requested, we may be unable to provide a service to you.
How long we store personal information
We will only store your personal information for as long as it is required. Basic contact information held on a mobile phone is deleted at the end of therapy.
The sensitive personal data defined above is stored for a period of 7 years after the end of therapy. After this time, this data is deleted at the end of each calendar year.
How your personal information is used
We use the information we collect to:
How we might share personal information
We hold information about each of our clients and the therapy they receive in confidence. This means that we will not normally share your personal information with anyone else. However, there are exceptions to this when there may be need for liaison with other parties:
In exceptional circumstances, we might need to share personal information with relevant authorities:
What we will NOT do with your personal information
We will not share your personal information with third-parties for marketing purposes.
How we ensure the security of personal information
Personal information is minimised in phone and email communication. Sensitive personal data will be sent to clients in an email attachment that is password protected. Cloud-based storage is with Tresort and access requires two-step authentication. When stored electronically, all information, including special category data is encrypted with restricted access.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Should you choose to contact us using an email link none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors.
This website is hosted by 3rd party servers located in the EU which are compliant with EU legislation.
Personal information is also stored on office computers. These are password protected. Malware and antivirus protection is installed on all computing devices. Mobile devices are protected with a passcode/thumbprint scanner and mobile security.
Your right to access the personal information we hold about you
Glamorgan Psychotherapy reserves the right to refuse a request to delete a client's personal information where this constitutes therapy records. Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by The British Psychological Society (BPS; 2000)[1]and The Health and Care Professions Council (HCPC; 2017)[2].
Andrea Davies
May 2018
[1]The British Psychological Society (2000). Clinical Psychology and Case Notes: Guidance on Good Practice. Leicester: Division of Clinical Psychology, BPS.
[2]Health and Care Professions Council (2017). Confidentiality - guidance for registrants. London: HCPC.
The information contained in this website is for general information purposes only. Whilst we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Through this website you are able to link to other websites which are not under our control. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
We encourage you to read the privacy statements on the other websites you visit.
Every effort is made to keep the website up and running smoothly. However, we take no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
This website uses cookies which are stored on your browser. You can usually modify your browser settings to prevent this happening. However, by disabling cookies, or certain types of cookie, you may hinder your user experience on this and other websites, or prevent them from working entirely.
Some cookies used on this website collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages.
These cookies don't collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.
Please note that some cookies may be placed by third party service providers who perform some of these functions (or other services) for us. Cookies are used on this website for the following third party service: Google Analytics. Some of these services may be used to track your behaviour on other websites and we have no control over this.
By continuing to use this website without adjusting your browser's cookie settings, you agree that we can place these cookies on your device.
By using and browsing this website, you consent to cookies being used in accordance with our policy. If you do not consent, you must disable cookies or refrain from using the site.
If you have any questions/comments about privacy, you should contact us.