Information Commissioners Office (ICO) registration reference: C1398860
Data controller and processor: Sarah Ferry
Data subjects: Clients
This policy is written with the intention of providing transparent information regarding how Sarah Ferry Counselling controls and processes personal data. To find out more about General Data Protection Regulations (GDPR) and your rights, please go to https://ico.org.uk/for-the-public/ or https://ico.org.uk/global/contact-us/
The service:
Sarah Ferry provides personal counselling by private contract to clients. In many instances, the counselling agreement (See Counselling Agreement Document) is between the counsellor and the client. Some counselling agreements involve a third party, for example, where parents have brought their child to counselling and fund the counselling, or where a third party such as human resources or private health care company requests and funds counselling.
Data collection points:
Enquiries to Sarah Ferry Counselling are received via a number of channels; in person, telephone, text or email. Initial enquiries usually contain some personal information such as names, emails and telephone numbers. Emails are received via: our marketing on the Counselling Directory/ BACP/Psychology Today Directory websites, by clicking a link on the Sarah Ferry Counselling website which opens an email in your own browser/system or direct contact independent of these methods. Other data is collected at initial meetings and following each counselling session.
Data collection & and processing: what information and why do I process it?
Any client data collected and/or retained by Sarah Ferry Counselling (including personal information) is solely processed in order to make relevant contact with and provide counselling services to clients.
Personal information collected/processed:
Full name
Date of birth
Home address
Telephone number
GP name and address
Parent/Carer Name and telephone number and/or email address (where relevant)
Email address
Other information collected/processed regarding clients/attendees;
Brief session notes are made in anonymised form, identifiable only by unique client codes.
Anonymised monitoring information, identifiable by unique client codes
Text messages
Emails
Third-party data collection & and processing
The counselling directory, BACP and Psychology Today find a therapist provide robust information regarding their privacy policies and any processing of personal data to all users which can be found at https://www.counselling-directory.org.uk/privacy.html or at https://www.bacp.co.uk/privacy-notice/ or at https://www.psychologytoday.com/gb/docs/privacy-policy
Data storage, retention and disposal:
Sarah Ferry Counselling stores paper records, including personal information in a locked filing cabinet and electronic information in password-protected and encrypted format (including email, telephone numbers and text). Telephone numbers are anonymised, with those and any text messages being held on password-protected professional mobile phones. Session/counselling notes are held separately from personal and identifying information in anonymised format. Data is held for a maximum of 5 years after client’s last contact with Sarah Ferry Counselling, in line with insurance requirements and GDPR. After this time, data is then disposed of securely and confidentially.
Data sharing:
It is rare that any personal information would be shared. As BACP registered counsellors, anonymised client information is shared with professional supervisors (a requirement of registration) in order to maximise service provision to clients. Personal information will not be shared with any other party without prior client consent, with the exception where Sarah Ferry Counselling believe that not sharing the information would result in the risk of harm to clients or any other person or if there is a legal requirement to do so.
In the event that Sarah Ferry is in some way incapacitated, all records will be destroyed confidentially by Sarah’s supervisor. Every effort will be made to ensure current clients are informed of this action.
Counselling agreements:
All clients proceeding with counselling are required to consent in writing to both the parameters of counselling and data collection within a detailed counselling agreement. This agreement sets out elements of the counselling contract with a detailed privacy statement prior to a section where personal data is collected.
For younger clients, they are required to provide written consent themselves where it is deemed that they fully understand what they are consenting to. Parents are requested to provide their consent to their children entering the counselling agreement and are required to consent to their own data being processed as detailed. However, this does not mean that they will be privy to any other information the client discloses during the course of counselling, in line with the data-sharing above.
Where another type of third party is involved, unless we gather personal information pertaining to themselves, they will not be required to provide their consent, any information shared regarding the client (other than attendance information) will be subject to clients’ providing consent.
Access to personal data and requests to erase, limit use or amend personal data:
As clients consent to and provide personal information, they are informed that they can request access to this information at any time and provided with details as to where they can learn more about their rights in relation to GDPR. No charges will be made for accessing personal information and the personal information will be provided at the earliest possible time. Clients also have the right to request that data be erased, limited or amended and the right to be compensated for any harm caused by incorrectly processing personal information.
Data breaches:
Where there has been a breach of Sarah Ferry Counselling's GDPR policy, for example, data has been shared with a third party without consent or data has not been destroyed in a timely manner, the breach will be reported to the ICO within 72 hours.
This policy is written with the intention of providing transparent information regarding how Sarah Ferry Counselling, controls and processes personal data. If you have any queries regarding this policy, please contact us using the details above. To find out more about General Data Protection Regulations (GDPR) and your rights, please go to https://ico.org.uk/for-the-public/ or https://ico.org.uk/global/contact-us/