Privacy policy

Niddrie Therapy and Coaching
Privacy Policy and Data Retention Statement

I take the protection of your data very seriously and I aim to be fully compliant with current General Data Protection Regulation legislation (GDPR) and to let you know how I use and protect the data you’ve given me. GDPR replaces the previous Data Protection Act. I wish to be transparent with the processes I have in place. Identifiable information, if shared, will only be used in accordance with this privacy statement.

I am registered with the Information Commissioners Officer (ICO) and my registration number is ZA558087.

What information do I collect?

Depending on the therapy chosen, I may collect some or all of the following personal data such as name, address, date of birth, gender, GP/medical practitioner details, telephone number, email address and payment information such as recording a cheque payment. I may also collect any data you give me regarding personal history, family background, alongside potentially sensitive data relating to your medical and mental health conditions.

What do I use the information for?

  • To provide services relating to your needs
  • Taking notes about our sessions for both you and I to reflect upon as we progress
  • To notify you of appointments and the services I provide
  • To fulfil administrative, legal, ethical and contractual obligations
  • To share resources (e.g. website links, book recommendations) with you relevant to any work I undertake and only with your consent

What information do I share?

I will not share any information about you with other organisations or people except in the following situations:

  • Consent – I may share information with relevant medical professionals or others whom you have requested or agree I may contact
  • I may discuss my work with a clinical colleague who is bound to the same code of ethics
  • Serious harm – I may share your information with the relevant authorities if I have reason to believe this may prevent serious harm being caused to you or another person
  • Compliance with law – I may share information when the law requires me to – i.e. safeguarding, terrorism, drug trafficking, serious crime and the NHS ‘Test and Trace’.

How do I keep your information safe?

  • All information you provide to me is stored as securely as possible. I take all reasonable precautions to prevent the loss, misuse or alteration of information given
  • All paper forms, notes and correspondence are kept in locked filling cabinets and all electronic files are kept on password protected devices with virus protection software
  • For webcam appointments I recommend we use Zoom or Skype which are secure platforms
  • Client notes and any other forms of documentation are destroyed seven years after the completion of coaching or a therapy
  • Any known data breaches will be reported to the ICO within 72 hours

Your rights

Under the GDPR, you have the right to:

  • Access your personal data by making a subject access request either verbally or in writing. Any request for personal data will be acknowledged within 3 working days and supplied within one month from your request
  • Rectification, erasure or restriction of your information where this is justified and appropriate (for example some information may be retained for patient safety and insurance purposes)
  • Object to the processing of your information where this is justified
  • Request transfer of data (data portability)
  • You may withdraw your consent for me to hold or process your data at any time. However, if you do this whilst actively receiving coaching or a therapy these would have to end. You can withdraw your consent by stating this via email to alison@therapyandcoaching.co.uk
  • If you have any concerns about the way I handle your data, please discuss with me in person or e-mail. If you feel this has not been resolved effectively you have the right to contact the Information Commissioners Office (ico.org.uk)
  • Any complaints about my services, please put in writing to myself and I will acknowledge receipt within 3 working days. I aim to resolve complaints as soon as possible and I welcome any feedback.

Changes to this policy

This document may be amended from time to time. You may request a copy of this policy at any time.