top of page

Ascot Therapy Practice

Privacy Policy

Effective: 1st September 2024

 

Ascot Therapy Practice is committed to protecting your privacy and ensuring the confidentiality of your personal and health information in compliance with the UK General Data Protection Regulation (UK GDPR) and guidance from the Information Commissioner's Office (ICO). This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you engage with our psychotherapy services.

 

1. Information We Collect

 

We collect and maintain personal and health-related information necessary to provide psychotherapy services to prospective and contracted clients, including but not limited to:

 

  • Contact details (name, address, phone number, email address)

  • Demographic information (date of birth, gender, marital status etc.)

  • Medical and mental health history, including register GP contact details

  • Assessments, treatment records and progress notes

  • Insurance and billing information

  • Email and phone messages

  • Calendar appointments

  • Emergency contact details

 

2. Lawful Basis for Processing

 

Under UK GDPR, we process your personal data based on the following lawful bases:

 

  • Consent – When you provide explicit consent for us to process your personal and health data. You can withdraw your consent at any time by contacting Sarina Pearson at Ascot Therapy Practice (contact details below).

  • Contractual necessity – When processing is necessary to provide our services.

  • Legal obligation – When required by UK laws or regulations.

  • Vital interests – When processing is necessary to safeguarding you or a vulnerable person at risk of harm

  • Legitimate interests – When processing is necessary for our legitimate interests and does not override your rights and freedoms.

 

3. How We Use Your Information

 

We use your information to provide counselling and psychotherapy sessions. We may share your information as detailed on the contract under confidentiality.

 

4. How We Protect Your Information

 

We implement appropriate administrative, technical, and physical safeguards to protect your information against unauthorised access, disclosure, or misuse. These measures include:

 

  • Secure storage of physical records in locked filing cabinets or safes

  • Encryption and password-protected digital files

  • Limited access to sensitive data based on necessity

 

5. Data Sharing and Confidentiality

 

  • Your information is kept confidential and will not be shared without your explicit consent, except in the following circumstances:

    • When required by law (e.g., court orders, subpoenas, mandatory reporting of abuse or threats of harm)

    • If there is a risk of serious harm to you or others

    • To comply with insurance or healthcare provider requirements as permitted by law

    • When sharing with third-party service providers who process data on our behalf (with appropriate safeguards in place)

  • In each of the above cases, every effort will be made to gain your consent in so far as possible.

 

6. Your Rights Under UK GDPR

 

  • Under the UK GDPR, you have the following rights regarding your personal data:

    • The right to access and obtain copies of your records

    • The right to request corrections to inaccurate information

    • The right to request erasure of your data (subject to legal obligations)

    • The right to restrict processing under certain conditions

    • The right to object to processing

    • The right to data portability

    • The right to withdraw consent at any time (where processing is based on consent)

    • The right to lodge a complaint with the ICO if you believe your rights have been infringed

 

7. Data Retention

 

We will retain your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy and in compliance with legal and professional obligations. Retention periods will be determined based on medical and regulatory guidelines and shall be shredded confidentially when the time comes. As a general rule:

  • contracted client data will be kept for up to seven years following the last contact and interested party data will be kept for up to three months following the last contact.

  • These periods are subject to revision at any point and as deemed necessary.

 

8. Contact Information

 

  • If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your data, please contact Sarina Pearson at Ascot Therapy Practice via either:

 

 

  • If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO) via either:

 

 

9. Changes to This Policy

 

We may update this Privacy Policy from time to time. Any changes will be posted on our website and will take effect immediately upon posting.

 

By engaging with our psychotherapy services, you acknowledge that you have read and understood this Privacy Policy.

bottom of page