This page sets out my privacy policy as required under GDPR. It describes how I look after and use any information you may give me, either as a client, a prospective client, someone who has communicated with me about my services, or as a visitor to my website. It also describes your privacy rights.
+ Data Controller
As a sole trader, I (Robert Hunter) am the Data Controller and am registered as such with the ICO.
+ Reasons for Collection of Information
I am only allowed to collect personal information for proper and lawful reasons. At every stage of my relationship with you, your information will only be processed if it meets at least one of the following conditions.
- To fulfil my counselling agreement with you. This includes the collection of information before we enter into a explicit or implicit counselling agreement, during your counselling and after the counselling has concluded.
- To send out information about upcoming events and groups to you if you have subscribed to the mailing list on my website.
- To ensure I am giving you a professional and ethical service that complies with the Codes of Practice of the professional organisations I am a member of, and the requirements of my insurers.
- When it is my legal duty to collect, store, use or transfer information in order to comply with legislation or the instructions of a court of law
- When it is required to maintain my own safety, your safety or the safety of third parties.
- To monitor the effectiveness of my website, and/or other marketing activity
- To enable financial transactions between us
+ How Information is Collected
The personal identifiable information I collect, store and use comes from our conversations, emails, texts, phonecalls and your use of my website.
The information others may hold comes from our online communication and/or from financial transactions between us.
+ Types of Information Held
Personally Identifiable Information I hold-
- Your contact Information, preferred contact methods & preferred response to accidental contact
- ICE (In Case of Emergency) contact information. You agree to inform your ICE contacts that you have given their information to me and have their consent for this. (NB. You do not need to gain explicit consent from your GP.)
- Socio-demographic & locational information, including age, gender, past & present location, employment and relationship history, ethnicity, education, health financial status. and past/present relationships.
- Communication Information from letters, emails, texts, phonecalls and interactions with my website.
- Contracts & Consents. Information about Contracts & Consent such as signed letters of consent.
- Information required to fulfil the counselling agreement between us.
- Information about financial transactions between us
Anonymised information I hold-
- Information derived from sessions (Case notes)
Third Parties may also hold information gathered through your interactions with me. This includes,
- Information derived from the use of cookies on my website. (Note 1)
- Information derived through email, SMS, phone contact between us (Note 1)
- Information derived from our use of videoconferencing applications (Note 1)
- Information from your subscribing to my mailing list. This is held by Mailchimp.
- Information about financial transactions between us
- Information derived from the location of our phones (Note 2)
Note 1 - this is meta-data such as date, time, IP address and duration of communication, and usually does not include the content of the conversations. If you are concerned about third parties holding or accessing the meta-data or content of communication please inform me of this and we can explore the use of specialised communication applications to mitigate this. Note 2 - Modern Smartphone applications upload the location of the phone to the application server. This can result in applications such as Facebook deriving a connection between us.
+ Storage of Information
I store information in two forms
- Digitally -
- Contact information - Held on Phone, Laptop and backed up in the cloud and locally
- Emails - These are held on a laptop, phone and backed up on local devices.
- SMS Texts -These are held on a phone, and backed up in cloud storage.
- Calendar appointments - (anonymised). These are held on a phone, laptop and online system. They are backed up both locally and online.
- Mailing List information you provided if you signed up to my mailing list. This is held by a third party (Mailchimp)
- In Paper form -
- Anonymised case notes and information from sessions This is held in a locked filing cabinet
- Letters, signed consents and agreements, sociodemographic information. This is held separately to the case notes also in a locked cabinet
- Information about financial transactions (bank statements). This is held in separately to the above in a file in an unlocked cupboard.
Third Parties may hold information in any form.
+ Sharing of Information
Who I may share personally identifiable information with
- Statutory bodies when required to by law or instruction of a court of law
- Your emergency contacts in case of an emergency
- Statutory bodies when required to avoid harm to you, me or others
- My accrediting/ethical membership body, insurers and professional advisers in the case of you making a complaint against me
- My professional executor, in the case of my incapacity or death.
- A lawyer - If your information is requested by a court or you raise a legal action against me I may take legal advice, in order to clarify whether the court has jurisdiction, and whether the request meets the strict legal criteria required in such cases. In this situation I may consult a lawyer to help me make an informed decision about whether to release some or all the information I hold to the court. Personal information pertinent to the decision will be made available to the lawyer, who will be bound by a Professional Code of Conduct.
Who I share anonymised personal information with
- Clinical Supervisors (including specialist supervisors) in order to ensure I am operating effectively and ethically
- Other counsellors who are members of a Professional Register in order to gain insight and information from others who may be more experienced than me.
With your written permission I may share anonymised information with
- Other counsellors attending workshops Continuous Professional Development events
- Counselling tutors and examiners in order to gain additional qualifications and accreditations.
+ How long will I keep your information
I will keep your information for a variety of lengths of time depending on how it is held
- Digital Information - Basic contact information - contact information, emails, texts, messages and calendar appointments. For technical reasons this information cannot be entirely erased and could therefore remain accessible to a technically competent person until the storage device is destroyed or securely wiped and reformatted.
- Paper information - Notes and paper copies of contact information, emails, created media. These will be shredded 3 years after counselling ends. Paper information gathered during the introductory session will be shredded after 14 days if you have not contacted me to arrange paid sessions.
+ Marketing
I will never use your information for marketing, or contact you to market a service to you unless you have specifically given consent in writing or have signed up to my mailing list.
+ Sending of information outside the EU.
I will not knowingly send your personal information outside the EU unless
- I am required to in order to comply with the instructions of a Court of Law
- I have to do so in order to defend myself against a legal action or a complaint brought by you.
+ Cookie Policy
Cookies are small pieces of information that are placed in your browser to track how you travel through this site and possibly across other websites. some are essential to running this website. Click here to see my cookie policy and a list of cookies that are found on this site on this page.
+ Your rights
You have a range of legal rights including
- the right to access your personal information
- the right to require me to change any factual mistakes in the information I hold.
- the right to withdraw your consent to the non-essential processing of information (See Note 1)
- the right to request the deletion/destruction of your personal information (See Note 1)
You can withdraw consent to the use of your personal information and/or request its destruction however there are limits to this right laid down in the legislation. For example you cannot demand the destruction of records of financial transactions.
Note 1 - Case Notes and the Contact details card are shredded. Be aware that it is sometimes impossible to completely erase digital information such as emails and texts from backup devices.
For more information about your Information Privacy Rights or to make an Information Privacy orientated complaint you can contact the Information Commissioners Office through their website https://ico.org.uk/
+ Changes to this policy.
If I have to make changes to this policy that are inconsistent with the original purposes for which your data was collected I will notify you in advance wherever possible and give you the opportunity to withdraw consent for your information to be processed.