Privacy Policy

The purpose of this statement is to let you, the client, know what personal information I collect and hold, why I collect this data, how long it is stored for, your rights over your personal data and what happens if there is a data breach.

I am committed to complying with the terms of the General Data Protection Regulation (GDPR) and to the responsible and secure use of your data. As the Data Controller, I have a legitimate interest in processing personal data to provide counselling services. I am registered with the Information Commissioner's Office (ICO), reference A8731643.

1. Information about you

1.1 When you enquire about Counselling I ask for your name, contact details, availability and other relevant personal information that is needed to answer your enquiry, set up an initial appointment, and to keep you informed. This information is handwritten onto a contact form and stored securely in a locked filing cabinet. Your email address, phone number and any emails we exchange are stored online in a secure encrypted online email server for Laura Simmonds Therapy. Your phone number and email will also be stored in my work mobile phone, which is passcode protected and stored in a locked filing cabinet when not in use.

1.2 I collect personal information about you during our Assessment Session, which helps to identify what you need from therapy and whether I can provide it. This includes information about your contact info, medical history, family relationships and emergency contacts. I handwrite this information onto a paper form and store it in a locked filing cabinet.

1.3 After each counselling session, I handwrite brief anonymised case notes. These do not contain any identifiable information, including names or places. I store these in a locked filing cabinet, separate from your personal information gathered in 1.1 and 1.2. If we share emails whilst working together, I may print and store them in the same way, removing your email address first.

1.4 For the purposes of administration, I hold an anonymised log of client meeting dates and payment received.

1.5 Once you finish Counselling, all data gathered in 1.1, 1.2 and 1.3 is stored securely for 5 years (or the time you state) and then destroyed.

2. Use of this information & data sharing

2.1 Your data will be used only to provide you with my services and to give you information relating to my services. I will not use your personal information for marketing purposes.

I will not share your details with any other person or organisation without your knowledge and permission unless there is a specific concern or legal requirement as stated in the counselling contract. A breach of confidentiality is when a person shares information with another in circumstances where it is reasonable to expect that the information will be kept confidential.

3. Security

3.1 I will take all reasonable precautions to prevent the loss, misuse or alteration of information you give us. These include but are not limited to the following:

a) Online Storage of Information:

All electronic personal information is stored in password protected documents and, where relevant, on a secure, online storage facility.

b) Email:

Communications in connection with this service may be sent by email. If and when we communicate by email I will use an encrypted web-based email server. This means anything sent to or from my email address is secure. I encourage you to use a similar encrypted email address as well. This will make sure anything sent to or from your email address is also secure. A free and secure email provider is www.hushmail.com.

Whilst I will endeavour to keep our systems and communications protected against viruses and other harmful effects, I cannot bear responsibility for all communications being virus-free.

c) Video conferencing:

I use a secure online video conferencing service. However, I would also suggest that you do not reveal your full name or any personal address details whilst we are engaged in online counselling appointments as this helps to maintain the privacy of your sessions. If we use a whiteboard during sessions, I will delete it as soon as the session is over. If it is needed for future sessions, with your permission I will save it using an anonymised client code in a password protected document.

d) Telephone:

I store your telephone number in a mobile phone along with any text messages to/from you. Your name is not used and numbers are stored under a client code. This phone is password protected and stored in a locked filing cabinet when not in use.

e) Payment information:

I ask clients to pay via bank transfer using their initials as the reference. I keep a record of payments in a password protected document using an anonymised client code.

f) Website:

I run a website, https://www.laurasimmondstherapy.uk, to provide information about my services and contact details. I collect minimal data in order to provide counselling service and information to potential clients - name, email address and contact message. The website displays a cookie banner so visitors can opt in or out of cookies being stored on their device. The activity log is disabled so visitors IP address and other personal data is not collected.

On the website, my Privacy Policy is available to view explaining what data I collect, how its stored and your rights over your data. The link can be found in the footer and on the 'How therapy works' page.

4. Your rights over your personal data

4.1 You have the right to see your personal data and you can ask for your records to be updated at any time. You can also request that your data be erased. If so, I’ll securely destroy all notes, assessment forms and correspondence within 14 days of your request. I will keep your basic contact information along with dates of when our sessions took place for up to 5 years from the end of our work, in order to meet my professional obligations. For children and young people, I will keep your records for 5 years from your 18th Birthday.

In order to provide therapeutic counselling to you in a safe way, I need to keep information like your assessment form and session notes. If you do not agree to me keeping this information, or if you request I destroy your notes while we’re still meeting for therapy sessions, I will no longer be able to provide counselling and our work will come to an end.

If you would like to see the information I hold about you, or would like to correct, update or delete any records, please email me at laura@laurasimmondstherapy.uk.

If you have any concerns about my use of your data, please contact me directly at laura@laurasimmondstherapy.uk. I will do my utmost to resolve any concerns you have. If for any reason I cannot resolve the issues you may choose to contact the ICO directly.

5. How long I store your data and deleting your data

5.1 Unless you’ve otherwise requested, I will keep your data for a maximum period of 5 years, in order to meet my professional obligations. After 5 years has elapsed from the end of our work together (or 5 years from the client turning 18 years old, if the client is under 18 at the time of working together), I will delete and/or destroy your assessment form, client notes, all correspondence and contact information. I will keep date/ times of our sessions along with your anonymised client code.

6. What happens if there is a data breach

6.1 If there is ever a data breach, I will immediately investigate what happened and clarify who has been affected and to what extent. If you’ve been affected, I’ll let you know what’s happened as soon as possible, and explain what action I’m taking to limit and repair any harm. I’ll also notify my supervisor, the BACP and the ICO as well.

7. Disclaimer

In order to provide counselling in a safe and confidential way, I use a range of online platforms and software provided by third parties. These include but are not limited to Apple, Zoom, Google Workspace, Squarespace, Intego Anti-Virus Software, BT Broadband (internet service provider), and Vodaphone (mobile service provider).

I will do my utmost to offer the highest standard of confidentiality. I regularly carry out due diligence checks to make sure these pieces of software and online platforms are secure, at the time of working with you. However, I cannot guarantee that these third party providers are 100% secure as I do not have control over them. I disclaim any responsibility should something happen to any of them, which compromises your safety and security.