Privacy & confidenciality

I am committed to protecting your privacy and confidentiality in accordance with the British Association for Counselling and Psychotherapy (BACP) Ethical Framework and the UK General Data Protection Regulation (UK GDPR).
This page explains how I collect, use, store, and protect your personal information in my counselling practice, whether sessions take place online or in person.

Legal basis for processing

I act as the data controller for all personal information I hold about you.

Your data is processed under the lawful bases of legitimate interests (providing a professional counselling service) and, where appropriate, explicit consent for sensitive or special category data (such as health or psychological information).

I comply with the Data Protection Act 2018 and am registered with the Information Commissioner’s Office (ICO; registration number ZC076906).

I collect only the information necessary to provide counselling safely and effectively. This may include your name, contact details, and brief session notes.
I may also record communication details such as appointment times, emails, or texts. No audio or video recordings of sessions are made without explicit written consent.

Information I collect

Your information is used solely for providing counselling, managing appointments, and maintaining appropriate records of our work together.
Information may also be used anonymously in professional supervision, which is a BACP requirement for ethical practice. No identifying information is shared without your consent, unless required by law or to prevent serious harm.

How your information is used

Confidentiality & its limits

Session notes and contact details are stored separately in secure, password-protected systems.
Records are retained for seven years after therapy ends, in line with good practice recommendations, after which they are securely destroyed.
Electronic data is encrypted, and, int he case of, paper records these will be accessible only to me.

Record-keeping, storage & retention

You have the right to access the personal information I hold about you, to request corrections, and to ask for deletion where legally and ethically appropriate.
Requests should be made in writing, and I will respond within one month in accordance with UK data protection law.
You may also withdraw consent for certain uses of your data at any time.

Your rights

I do not share your personal information with anyone unless required by law or ethical obligation.
In supervision, I may discuss aspects of our work anonymously to ensure good professional practice.
Where third-party services are used (such as secure email, scheduling, or video platforms), I take steps to ensure they meet GDPR and confidentiality standards.

Sharing information & third parties

In the unlikely event of a data breach, I will take immediate steps to contain the issue, assess the risk, and, where required, notify the ICO and affected clients.
I am committed to candour and accountability, as required by the BACP Ethical Framework, and will always be transparent if your privacy is compromised.

Breach & accountability

This website uses essential cookies to help it run effectively. It may also collect basic analytics data such as page visits.
If you contact me through an online form, your details are transmitted securely and used only to respond to your enquiry.
No data is sold, shared, or used for marketing purposes.

Website, cookies & online privacy

This policy is reviewed annually or whenever there are changes to legal or ethical standards.
The current version will always be available on my website or on request.

Review & updates

If you have questions or concerns about how your data is handled, please contact me directly at [your email].
You also have the right to raise a concern with the Information Commissioner’s Office (www.ico.org.uk) if you believe your data rights have been breached.