VANESSA FRANCOISE THERAPY PRIVACY POLICY

INTRODUCTION
Your privacy is a top priority for me. I’m committed to always being a good custodian of my clients’ personal information, handling it in a responsible way, and securing it with administrative, technical, and physical safeguards. I’m registered as a data controller with the Information Commissioner’s Office (ICO), ICO registration reference ZA452655, and I am a member of the British Association of Counsellors and Psychotherapists (BACP), registration number 374359. If you have any queries about this privacy notice or about any aspect of my data management, please contact me at vanessa@theexetercounsellor.com or on 07787-290434. I’ll update this privacy notice regularly to ensure it continues to comply with the latest regulations and best practice. This privacy notice was published on my website in March 2023.

HOW I PROTECT AND MANAGE INFORMATION
Storage and management of personal information
I keep paper records of my clients’ Client Information Forms and signed/dated contracts in a locked cabinet in my therapy room (the building is alarmed). I also keep a master list of client names/pseudonyms and basic contact details (phone numbers and email addresses) in an excel spreadsheet as well as therapeutic notes in pseudonymised word documents on my laptop (which is password protected and only used by me) which is either with me at my therapy room or at my home.

Visitors to my website
My website www.theexetercounsellor.com is powered by Abundant Fish and like most websites, I use cookies to help the site work more efficiently. Enquiries submitted through the CONTACT ME page on my website are sent directly to me by email. No user-specific data is collected by me or any third party. Your information is used solely for correspondence between you and me. All my contact details are private and personal to me. No one else shares or views my emails, telephone number or texts.

General enquiries
I do not record or process any data from people who call, text, or email me with general enquiries. If a query does require me to take personal data, I will explain this at the time. I do not record phone calls.

Clients and former clients and clinical will
The legal basis I use for processing clients and former client’s personal information is a combination of contract and legitimate interest. I carefully safeguard the information I hold about clients and former clients. This information comes from the way clients engage with me: it is provided through the completion of my client information form, during their initial sessions, during ongoing sessions and/or by text, email, Skype, and post in between sessions/at the end of therapy. I don’t keep client names or contact details on my contact lists so if you need to send me a message, text, or email, please include your name. Once I have dealt with your enquiry, I will delete it and add a note/anonymised copy of it to your therapeutic notes. Once your therapy has ended, I will keep your data for 6 years. If you decide to return to therapy during this period, I will have your data to hand and new data will be added to this. After six consecutive years of no therapy all the data I hold on you will be securely destroyed (paper cross shredded and electronic data deleted). In the unlikely event that I can no longer work with you due to my sudden sickness or death, my clinical will initiator (next of kin) will forward my master list of client names/pseudonyms and basic contact details to my clinical trustee (Supervisor) who will contact you if therapy is ongoing, help you to find a new therapist, and then instruct my clinical will initiator to securely destroy all pseudonymised paper records relating to you (personal details and therapeutic data).

WHAT THE INFORMATION IS USED FOR
As well as contact details I will collect and retain potentially sensitive information about my clients mental and physical health and general circumstances. I will only use this information to provide my clients with the best possible counselling service which aims to improve their wellbeing and to inform the development of my service to continue to meet their needs. I may need to send messages by telephone, text, email, or

Skype. These messages will be to arrange or rearrange appointments or to confirm suggested material for reading/watching between sessions. I will never pass on your information to a third party to use in their own direct marketing without your consent. In rare cases, I may be required to share your data by a court of law or relevant regulatory authority or to defend myself if a complaint was made against me.

SHARING INFORMATION
During your contact with me, I will not share your information with any third parties unless: you have consented to this; as part of my duty to protect a child, vulnerable adult, you, or the public; for the prevention and detection of substantial criminal activity; I’m required to do so by a court or law or relevant regulatory authority; to protect my rights, property or safety, or those of any third parties. By being my client and using my services, you grant me permission to process personal data which you have provided to me. When you make a payment to me, either by bank card, credit card or cash, I will keep records of your payments for financial audit reasons for six years. I may share any data about my work with: my clinical supervisor Richard Cross; my accountant Paula Menagh at TS Partners Ltd; HMRC; the Information Commissioner’s Office – ICO; the BACP. Should I discover that any personal data I hold on you has become compromised in any way I will contact you to inform you of what has happened and any steps I am taking to address the cause.

YOUR RIGHTS
Under the EU General Data Protection Regulation (GDPR) you have rights as an individual data subject which you can exercise in relation to the information I hold about you: the right to be informed; the right of access; the right to rectification; the right to be forgotten; the right to restrict processing of personal data; the right to data portability; the right to object; rights in relation to automated decision-making and profiling; the right to lodge a complaint with the ICO. You can read more about these rights on the ICO’s website (see ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights).

MY RIGHTS
If you don’t agree with my keeping records of information about you and your counselling, I will not be able to offer/continue to offer you my counselling service. I keep your records of counselling for a certain period (as described above), which may mean that even if you ask me to erase any details about you, I might have to keep these details until after that period has passed. I may move client records between my IT systems as long as all client data is secure.

COMPLAINTS
I try to meet the highest standards when collecting and using personal information, and I take any complaints about this very seriously. I encourage you to let me know if you think that my collection or use of information is unfair, misleading, or inappropriate. I also welcome any suggestions for improving my procedures and I’m happy to provide any additional information or explanation needed. If you want to make a complaint about the way I’ve processed your personal information, you can contact the ICO (the statutory body which oversees data protection law – see ico.org.uk/make-a-complaint).

ACCESS TO YOUR PERSONAL INFORMATION
I try to be as open as I can in terms of giving clients access to their personal information. You can find out if I hold any personal information about you by making a ‘subject access request’ under GDPR. If I do hold information about you I will: give you a description of it, tell you why I’m holding it, tell you who it could be disclosed to, let you have a copy of the information in an intelligible form. To request any personal information I may hold, please put your request in writing to me at the email address in the Introduction above. If you agree, I’ll try to deal with your request informally, for example by providing you with the specific information you need over the telephone. You can also ask me to correct any mistakes in any information I hold.