GDPR – Privacy Policy for Purple Tree Therapies

General Information

This privacy policy sets out how I use and protect any information that you supply when you either contact or work with me.

I am committed to ensuring that your privacy is protected.  Should I ask you to provide certain information, by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement.

I want to ensure that I adhere to UK and EU regulations as set out in the GDPR (General Data Protection Regulation).  More information about GDPR and how this should be applied can be found on the ICO website:  www.ico.org.uk

I may change this policy at various points by updating this page, so please review it frequently.  Changes and clarifications will take effect immediately upon their posting on the website.

Collection, processing and storage of information

In therapy, I may collect information to include the client’s email address, name, postal address, telephone numbers etc.  In order to give clients a more thorough service, I may also collect data on your preferred contact method, your doctor’s name and surgery, any medication you are taking and whether you have any physical or medical conditions.  Information may be gathered by me on issues that are concerning you, how much previous experience you may have had of therapy, and an indication of what you perceive as your goal for therapy with me.  This information will be gathered on a form sent to you prior to our first meeting, which has a notice setting out the client’s rights, and will be signed and dated by the client prior to commencement of any treatment.

I may also write notes about our sessions as an aide memoire so that more thorough notes can subsequently be written by myself and kept on the client’s file (both hard and soft copies).  I collect this information for the following reasons:

  • To prepare a working contract between us.
  • To contact you for administrative purposes such as changing appointments or to discuss payments.
  • To help with our work together.
  • To conform with my insurer’s requirements with regard to keeping notes on our work together – please rest assured any data is anonymised and held securely for a maximum of 7 years after our work has ended.
  • To comply with any applicable laws and regulations.

If you choose to pay me by bank transfer, your information will then form part of my bank’s data over which I have no control.   The same applies to any payments made to me via credit or debit card.

As part of my digital marketing strategy including search engine performance, my website uses Google Analytics. This may use IP address information, however this is not stored by myself in conjunction with any personal data.

By agreeing to add your name to my mailing list, you may receive periodic updates, news, offers or information that I feel may be of interest to you.  If you would like to be removed from this list at any time you can unsubscribe (using the link on the email) or contact me direct.

Your personal information will be used for the specific reasons stated above only.

Security

I am committed to ensuring your information remains secure.  In order to prevent unauthorised access or disclosure, I have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information I collect.  This includes the use of passwords and encrypting on electronic devices and locked filing cabinets for paper documents.  As a client, your information will only be shared if required to do so in the event of you disclosing an intention to harm either yourself, or others, or engage in terrorist activities. On occasion, as a client, your issues may be discussed at supervisory or peer group meetings, but your name and details will remain completely anonymous at all times.

Consent

In the first instance, if you choose to make contact with me to enquire about my services, I will use your data to discuss your issues with you, and to make an initial appointment. By proceeding with contacting me, you are giving me consent for the purpose of this process.  In the event that you decide not to go ahead and work with me, I will ensure that your data is deleted.

If you do decide to meet with me, during the first meeting I will ask you to complete a form confirming that you consent to me further processing and storing your data, as outlined above.

If you believe that consent has not been given for an activity that utilises your personal data, please contact me immediately stating your concerns. Equally, if you would like to access, correct, amend or delete any personal information I have about you, you are invited to contact me at lynn@purpletreetherapies.co.uk, or discuss it with me in person.

Individual’s rights

I will endeavour to resolve any individual’s rights issues within the statutory time period (30 days).  I aim to store legitimate, relevant and accurate information about my clients.  You have the right to request the following.

  • Obtain personal data that I have stored
  • Change personal data if inaccurate
  • Have your data erased (where it does not infringe on me carrying out contractual obligations or other overriding regulations – eg, storage of data for accounting purposes or for legal reasons).

If you believe that any information or requested information on this website or in our therapy sessions contravenes GDPR please contact me immediately so that I may have the opportunity to correct any issues.

Safety of your personal information

I will not sell, share, distribute or lease your personal information to any third parties unless I am required by law to do so.  Communications from me, based upon your information, will be restricted to relevant information as part of any process.

Links to other websites

My website may contain links to other websites of interest.  However, once you have used these links to leave my site, you should note that I do not have any control over that other website.  Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites as they are not governed by this privacy statement.  You should exercise caution and look at the privacy statement applicable to the website in question.