Privacy Policy

Data Held

At our first meeting, new clients will be asked for relevant personal data including name, contact phone number, contact email address, GP and emergency contact names and phone numbers, and any current medications. This data will not be shared with any other party without the client's consent, unless there is a legal requirement or court order to do so, or where there is immediate risk of substantial harm to them or to others. This data will be held by me in a password protected filing system on my personal laptop.

Personal data also includes session notes which I will maintain separately. This data will also be contained in a password-protected filing system on my personal laptop, with each client log having a unique password and coding system for names. These notes will consist of a brief summary of some of the points or experiences that occur in a session, and they will be pseudonymised so they cannot be linked to the identity of any person, including the client, members of their family, or significant others.

Purposes of Processing and Legal Basis

As a Psychotherapist I will use personal data relating to you for the purposes of:

• Providing you with counselling services
• Where necessary, contacting your GP or organising specialised support services for you (subject to your explicit consent, save where there is a serious concern for your safety or the safety of others)
• To comply with my legal and regulatory obligations

The legal basis on which I collect, process and transfer your information are:

• A legitimate interest in providing you with psychotherapy services. I will not process your personal data for these purposes if to do so would constitute an unwarranted interference with your own interests, rights and freedoms
• That this is necessary for compliance with a legal or regulatory obligation that applies to Psychotherapists
• In limited circumstances, where you have given your consent to such processing

The legal basis on which I collect, process and transfer special categories of data are:

• Issues of public safety, such as child protection issues or any other areas in which psychotherapists are legally bound to disclose information
• That this is necessary for the provision of health or medical care
• That you have given your explicit consent to such processing

Data Retention

All personal data will be held by me for a period of 7 years from the date of cessation, in line with the professional guidelines of the Irish Association for Humanistic and Integrative Psychotherapy (IAHIP). They will then be fully erased. Data will be held for longer if necessary, for example in the case of an ongoing or pending court case or complaint.

Access to Personal Data

Clients have the right to access their data records via a Subject Access Request (SAR). This access will be arranged within 30 days. Clients may request the updating or correction of data held. Clients may request the return, copy or deletion of their data, subject to legal requirements that data must be held for a minimum of 7 years. Clients may also request that their data is sent to another data controller in a suitable electronic format.

Data Breaches

I will notify any affected party of any serious breach of any identifiable data. This would include incidents such as theft, loss, fire, or unauthorised access by another person. The Data Protection Commission will be notified of any serious breach of data.

Client Consent

All clients will be asked to sign to consent to my holding of relevant personal data as part of our contract of working together. This signed agreement will be scanned and held by me in a password protected filing system on my personal laptop. The original will be returned to the client for their own information and safe keeping.