PRIVACY POLICY
I comply with the Data Protection Act 2018 and the General Data Protection Regulations (GDPR) and am a registrant of the Information Commissioners Office (ICO). This policy explains what personal information I keep, how I use it and how I keep it secure. For the purposes of the General Personal Information Protection Regulations (GDPR) 2018, the personal information “controller” is Ellis Morgan – Ellis Morgan Therapy.
Contact and Session Information
When we begin our work together I will ask you to provide a name, email address and if possible, a phone number. I will only use your details in order to provide the counselling and therapy service I offer, including contacting you about appointments. I will not contact you for any other reason nor use your information for any other purpose. If we decide not to begin therapy together any data submitted by you will be deleted immediately.
Sharing information
There may be occasions where another professional suggests sharing information with me to assist in our work together (for example an assessment report from an appointment with a gender clinic). Such information sharing would only occur with your consent. There may also be occasions where you request for me to write a letter to another agency confirming our work together (for example prior to you attending an appointment with a gender clinic). I will always ensure that any such correspondence is fully agreed with you in writing. Any file transfers of this nature will be carried out securely to protect your privacy.
Financial Information
I keep financial information including bank statements for 7 years as advised by HMRC. If you decide to make payments by BACS be aware that your account name and reference may be viewed by employees of the bank.
Data Storage
Any documents that hold data about you (including any session notes, letters, bank statements etc.) will be held securely to protect your privacy. Information held electronically will be stored in protected files held on secure devices that only I have access to and any paper files will be kept in locked storage cabinets. I also carry a paper diary to keep track of appointments, which holds only first names against appointment times.
I will keep basic records of our sessions (e.g. name and dates of sessions) and any notes I take for 3 years. Any additional correspondence (e.g. letters to or from other agencies) will be kept for 6 months after the end of therapy, or when I last hear from you.
I use an online, end to end encrypted survey tool to called Block Survey to gather some initial client information at the start of your therapy. Any information you submit will be downloaded then immediately deleted from their servers. This will kept securely with your records until they are destroyed.
Website
My website is hosted through Weebly and they make minimal use of cookies to enable the use of google analytics. A banner at the bottom of each webpage will ask if you have happy to accept cookies, which you can ignore if you wish to decline. All enquiry messages submitted through Weebly are deleted on a regular basis.
Online Video Calls
I use VSee to carry out therapy video calls, which is a secure platform designed for use by health professionals. All audio/video communication is encrypted and transmitted from point-to-point such that even VSee does not have access to any identifiable information communicated.
Where using VSee is difficult or impossible for clients for technical reasons, I am happy to work via Skype at a clients’ request. However it is important for clients to consider the greater security risks of using this platform, as unlike VSee, Microsoft can gain access to these communications.
Your Rights under GDPR
You have the right to see the information I hold about you on request and you are welcome to discuss how I handle your data at any time. If you ever wish to complain about how your data is handled you can contact the Information Commissioners Office at ico.org.uk or on 0303 123 11 13. Please be aware that in agreeing to proceed with therapy with me you acknowledge your acceptance of this policy. Whilst we are working together I will make you aware of any changes to my privacy policy via email, and any changes will also be posted to the relevant page of my website.
I comply with the Data Protection Act 2018 and the General Data Protection Regulations (GDPR) and am a registrant of the Information Commissioners Office (ICO). This policy explains what personal information I keep, how I use it and how I keep it secure. For the purposes of the General Personal Information Protection Regulations (GDPR) 2018, the personal information “controller” is Ellis Morgan – Ellis Morgan Therapy.
Contact and Session Information
When we begin our work together I will ask you to provide a name, email address and if possible, a phone number. I will only use your details in order to provide the counselling and therapy service I offer, including contacting you about appointments. I will not contact you for any other reason nor use your information for any other purpose. If we decide not to begin therapy together any data submitted by you will be deleted immediately.
Sharing information
There may be occasions where another professional suggests sharing information with me to assist in our work together (for example an assessment report from an appointment with a gender clinic). Such information sharing would only occur with your consent. There may also be occasions where you request for me to write a letter to another agency confirming our work together (for example prior to you attending an appointment with a gender clinic). I will always ensure that any such correspondence is fully agreed with you in writing. Any file transfers of this nature will be carried out securely to protect your privacy.
Financial Information
I keep financial information including bank statements for 7 years as advised by HMRC. If you decide to make payments by BACS be aware that your account name and reference may be viewed by employees of the bank.
Data Storage
Any documents that hold data about you (including any session notes, letters, bank statements etc.) will be held securely to protect your privacy. Information held electronically will be stored in protected files held on secure devices that only I have access to and any paper files will be kept in locked storage cabinets. I also carry a paper diary to keep track of appointments, which holds only first names against appointment times.
I will keep basic records of our sessions (e.g. name and dates of sessions) and any notes I take for 3 years. Any additional correspondence (e.g. letters to or from other agencies) will be kept for 6 months after the end of therapy, or when I last hear from you.
I use an online, end to end encrypted survey tool to called Block Survey to gather some initial client information at the start of your therapy. Any information you submit will be downloaded then immediately deleted from their servers. This will kept securely with your records until they are destroyed.
Website
My website is hosted through Weebly and they make minimal use of cookies to enable the use of google analytics. A banner at the bottom of each webpage will ask if you have happy to accept cookies, which you can ignore if you wish to decline. All enquiry messages submitted through Weebly are deleted on a regular basis.
Online Video Calls
I use VSee to carry out therapy video calls, which is a secure platform designed for use by health professionals. All audio/video communication is encrypted and transmitted from point-to-point such that even VSee does not have access to any identifiable information communicated.
Where using VSee is difficult or impossible for clients for technical reasons, I am happy to work via Skype at a clients’ request. However it is important for clients to consider the greater security risks of using this platform, as unlike VSee, Microsoft can gain access to these communications.
Your Rights under GDPR
You have the right to see the information I hold about you on request and you are welcome to discuss how I handle your data at any time. If you ever wish to complain about how your data is handled you can contact the Information Commissioners Office at ico.org.uk or on 0303 123 11 13. Please be aware that in agreeing to proceed with therapy with me you acknowledge your acceptance of this policy. Whilst we are working together I will make you aware of any changes to my privacy policy via email, and any changes will also be posted to the relevant page of my website.