How I handle your privacy and data with care and respect

To maintain high standards of practice, I attend regular clinical supervision. This is an essential and ethical part of counselling that ensures thoughtful, reflective support while maintaining your confidentiality. My supervisor is also a BACP member and follows the same ethical guidelines.

What is the General Data Protection Regulation (GDPR) and how does it affect me?

The GDPR (2018) replaced the Data Protection Act (1998) to ensure your personal and sensitive information is kept private, secure, and used only in ways you have agreed to. This includes your identifiable details (e.g., name, address, health information) and any records of our sessions, emails, or text messages.

How long will you keep my information?

In line with NHS data retention guidelines:

• Adult client records are retained for 8 years after your final session.
• For clients under 18:
  • If you finish counselling before turning seventeen, your records will be kept until your 25th birthday.
  • If you are seventeen when counselling ends, records will be kept until your 26th birthday.
• All data will be securely deleted in the January following the end of the retention period.

Can I request my records be deleted sooner?

Yes. Under GDPR, you can request in writing that your records be deleted. In such cases:

• Paper records will be cross-shredded.
• Electronic data (emails, text messages, documents) will be permanently deleted.
• I am legally required to retain your written request for deletion, but no other data will be stored.

Please note: In some cases, my professional insurance provider may require access to records for legal verification.

Why do you collect my personal information?

I collect limited personal and medical information to support your care, including:

• Reasons for seeking counselling
• Relevant medical history
• Brief session notes
• Emergency contact details and GP information (with your consent)

This allows me to offer a consistent, high-quality service and prepare effectively for each appointment. Additionally, my website may collect anonymised data (for example, number of visitors, location, time spent on site) for performance analysis.

How is my information kept secure?

• Paper records are stored in a locked cabinet within a locked room.
• Text messages are stored on a password-protected work phone.
• Emails are accessed via a secure, password-protected account.
• Attachments containing sensitive information are password-protected, with the password sent separately via text.
• Electronic files are stored on a password-protected computer.

Is everything we talk about confidential?

Yes. All session content is strictly confidential. However, I do discuss aspects of my work with a professional supervisor, as required by ethical guidelines. These discussions are anonymised, and my supervisor is also bound by GDPR.

What happens if we meet outside of an appointment?

If we happen to see each other in public, I may acknowledge you with a smile but will not initiate conversation. This is to protect your confidentiality.

Will my information be shared with other professionals?

Your information will only be shared with other health or social care professionals with your written consent for example, if I need to contact your GP regarding your care.

Exceptions to Confidentiality:  I may, with your consent if possible, pass on any information to the relevant authorities in cases where public safety is concerned including the following:

1. If you threaten harm to yourself or to another person

2. If a child or adult is at risk of harm or abuse

3. If the courts instruct me to provide information                                                           

4. If you share information about a proposed act of terrorism or other illegal act

If you have further questions, please feel free to contact me directly via the contact form and I will aim to respond within 24 hours.