Privacy Policy
Information Commissioners Office (ICO) registration reference: ZA481948
Data controller and processor: Emma Chapman
Data subjects: Clients / Training Attendees
This policy is written with the intention of providing transparent information regarding how Emma Chapman Counselling and Training control and process personal data. To find out more about General Data Protection Regulations (GDPR) and your rights, please go to https://ico.org.uk/for-the-public/ or https://ico.org.uk/global/contact-us/
The service
Emma Chapman provides personal counselling and training by private contract to clients. In many instances, the counselling agreement (See Counselling Agreement Document) is between counsellor and client. Some counselling agreements involve a third party, for example, where parents have brought their child to counselling and fund the counselling, or where a third party such as human resources or private health care company request and fund counselling.
Data collection points
Enquiries to Emma Chapman Counselling and Training are received via a number of channels; in person, telephone, text or email. Initial enquiries usually contain some personal information such as names, emails and telephone numbers. Emails are received via: our marketing on the Counselling Directory/ BACP Directory websites, by clicking a link on Emma Chapman Counselling and Training website which opens an email in your own browser/system or direct contact independent of these methods. Other data is collected at initial meetings and following each counselling session.
Data collection & processing, what information and why do I process it?
Any client data collected and/or retained by Emma Chapman Counselling and Training (including personal information) is solely processed in order to make relevant contact with and provide counselling and training services to clients.
Personal information collected/processed;
Full name
Date of birth
Home address
Telephone number
GP name and address
Parent/Carer Name and telephone number and/or email address (where relevant)
Email address
Other information collected/processed regarding clients/attendees;
Brief session notes made in anonymised form, identifiable only by unique client codes.
Anonymised monitoring information, identifiable by unique client codes
Text messages
Emails
Training Feedback Forms
Third party data collection & processing
The counselling directory and the BACP find a therapist provide robust information regarding their privacy policies and any processing of personal data to all users which can be found at https://www.counselling-directory.org.uk/privacy.html or at https://www.bacp.co.uk/privacy-notice/
Emma Chapman Counselling & Training’s website is hosted by Wix. Your information will be shared with ECC&T via the Wix tools. For more information about how and why Wix store and share information please take a look at https://www.wix.com/about/privacy
Data storage, retention & disposal
Emma Chapman Counselling and Training store paper records, including personal information in a locked filing cabinet and electronic information in password protected and encrypted format (including email, telephone numbers and text). Telephone numbers and anonymised, with those and any text messages being held on password protected professional mobile phones Session/counselling notes are held separately from personal and identifying information in anonymised format. Data is held for a maximum of 5 years after client’s last contact with Emma Chapman Counselling and Training, in line with insurance requirements and GDPR. After this time, data is then disposed of securely and confidentially.
Data sharing
It is rare that any personal information would be shared. As BACP registered counsellors, anonymised client information is shared with professional supervisors (a requirement of registration) in order to maximise service provision to clients. Personal information will not be shared with any other party without prior client consent, with the exception where Emma Chapman Counselling and Training believe that not sharing the information would result in the risk of harm to clients or any other person or if there is a legal requirement to do so.
In the event that Emma Chapman is in some way incapacitated, all records will be destroyed confidentially by the Emma’s supervisor. Every effort will be made to ensure current clients are informed of this action.
Counselling agreements
All clients proceeding with counselling are required to consent in writing to both the parameters of counselling and data collection within a detailed counselling agreement. This agreement sets out elements of the counselling contract with a detailed privacy statement prior to a section where personal data is collected.
For younger clients, they are required to provide written consent themselves where it is deemed that they fully understand what they are consenting to. Parents are requested to provide their consent to their children entering the counselling agreement and required to consent to their own data being processed as detailed, however, this does not mean that they will be privy to any other information the client discloses during the course of counselling, in line with data-sharing above.
Where another type of third party is involved, unless we gather personal information pertaining to themselves, they will not be required to provide their consent, any information shared regarding the client (other than attendance information) will be subject to clients’ providing consent.
Access to personal data and requests to erase, limit use or amend personal data
As clients consent to and provide personal information, they are informed that they can request access this information at any time and provided with details as to where they can learn more about their rights in relation to GDPR. No charges will be made for accessing personal information and the personal information will be provided at the earliest possible time. Clients also have the right to request that data is erased, limited or amended and the right to be compensated for any harm caused by incorrectly processing personal information.
Data breeches
Where there has been a breech to Emma Chapman Counselling and Training GDPR policy, for example data has been shared with a third party without consent or data has not been destroyed in a timely manner, the breech will be reported to the ICO within 72 hours.
This policy is written with the intention of providing transparent information regarding how Emma Chapman Counselling and Training, control and process personal data. If you have any queries regarding this policy, please contact us using the details above. To find out more about General Data Protection Regulations (GDPR) and your rights, please go to https://ico.org.uk/for-the-public/ or https://ico.org.uk/global/contact-us/