Privacy Policy & GDPR

This document will help you understand how I collect, use and protect your personal information.

 

In line with the Independent Commissioners office (ICO) the data controller is Emma Croft: ICO Certificate Number: 00018108871

 

We, 'Croft Counselling', are committed to ensuring that all data collected over the course of Counselling is necessary and protected in accordance with GDPR legislation.  Therefore, our privacy policy statement is as follows:

​

What information do I request?

I request personal information such as name, address, date of birth, GP/medical practitioner details, telephone numbers and email address.  I may also request data that relates to personal and family background that could be more sensitive when associated with physical and mental health conditions.

 

What do I use your information for?

• I use the information requested or provided to guide the most appropriate intervention or therapy that is mutually agreed through case formulation and an evidence based treatment plan. 

• I may use emails, address or phone number to amend appointments and I will always use your preferred method of contact, whenever possible. 

• I may need to use your information to fulfil any administrative, legal, ethical and contractual as guided by my registered governing bodies.

 

Sharing of information between therapist & client during therapy

 

• Voicemails such as enquiries will be deleted as soon as they have been listened to and any follow up action taken such as call backs.  This service needs to be mindful of my other work commitments and may not always be immediate but it should be within 24 hours.

• Preferred methods of communication such as text, phone, email or other apps will be agreed in advance normally at the start of therapy. 

• All Email communications shall include password protected attachments if they are included.

 

What information do I share?

 

I will NOT share information about you with any other organisations or people, EXCEPT in the following situations:

 

• Consent – I may share information with relevant medical professionals or others whom you have agreed to share certain information.

• Serious Harm – I may share your information with any relevant authority if I have reason to believe that this may prevent serious harm happening to you or another person.

• Compliance with Law – I may share information when the law requires me to such as safeguarding, terrorism, drug offences and/or serious crime.

• Supervision – It is an ethical requirement for any clinician offering psychological services to have regular supervision.  Any supervisor used is an accredited member of the relevant accrediting body and works within their ethical framework.  No personal information is shared and all client’s personal identifiers are removed or withheld.

 

How do I keep your information safe?

 

All information you provide to me is stored as securely as possible.

 

• I will take all reasonable precautions to prevent loss, misuse or alteration of information given.

• All paper forms and correspondence are kept in locked filing cabinets.

• All electronic files are kept on password-protected devices with virus protection software.

• All formal reports are password protected.

• Whilst I do my upmost to keep my systems and communications protected against viruses and other harmful effects, I cannot guarantee that all communications are indeed virus free. 

• Client notes and other documentation are destroyed 7 years after the end of the psychological services offered.

• Any known data breaches will be reported to the ICO within 72 hours.

• Any requests for personal data need to be made through a data subject access request and will be supplied within one month.

• My website, www.croftcounselling.co.uk  is maintained by Wix. Your details are not stored on their systems for any contact requests made through them.

​

Square Payments

​

We use Square for payment processing, analytics, and other business services.  This Privacy Notice describes how Block, Inc. and our affiliates (collectively, “Square,” “we,” and “us”) collect, use, disclose, transfer, store, retain or otherwise process your information when you (whether you are a person or business) access or use in any manner any Square services (including, but not limited to through a Square Invoice, at a point of sale, using Online Store or any of Square API products, or scheduling an appointment) through Square’s website or applications (collectively, “Services”); or otherwise contact or interact with us, even if you have not applied or signed up for a Square account or other Service or downloaded one of our applications. https://squareup.com/us/en/legal/general/privacy-no-account

 

This Privacy Notice describes how Block, Inc. and our affiliates (collectively, “Square,” “we,” and “us”) collect, use, disclose, transfer, store, retain or otherwise process your information when you choose to:
(i) receive a digital receipt after you make a purchase at a Square Seller;https://squareup.com/us/en/legal/general/buyer-features

​

Your Rights

​

Under the GDPR, you have the right to:

 

• Access your personal data - Rectify, erase or restrict your data - Object to the processing of your data - Request transfer of data (data portability).

• You may withdraw your consent for me to hold and process your data at any time. However, if you do this while actively receiving psychological services, the services would have to end. You can withdraw your consent by stating this on an email to contact@croftcounselling.co.uk

• If you have any concerns about the way I handle your data please contact contact@croftcounselling.co.uk. If you feel this has not been resolved effectively you have the right to contact the Information Commissioners Office (www.ico.org.uk) 

Changes to this policy

 

We reserve the right to make changes to this Privacy Policy at any time and if you are in therapy with Croft Counselling, we will send you notice of this via your agreed method of contact.