Privacy Statement

I have written this statement to let you know that I use the information I collect in accordance with all laws concerning the protection of personal data, including the Data Protection Act 1998 and the General Data Protection Regulation that becomes law on 25th May 2018.  As per these laws, I am the ‘data controller’ and the ‘data processor’.  For clarity I have written a website privacy statement and a practice privacy statement below.

Contact details: deborah(Replace this parenthesis with the @ sign); 07977 147502

Website Privacy Statement

This website statement applies to: including sub domains (e.g.

The purpose of this statement is to explain what information is gathered about you and how your data is used whilst accessing or interacting with any pages belonging to the website

This WordPress website is hosted by DreamHost

Information collected about you:
When using pages from certain information may be collected from you by cookies.

What are cookies?
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic and lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

This website uses traffic log cookies to identify which pages are being used. This allows data to be analysed in terms of web page traffic. The information is only used for statistical analysis purposes. A cookie in no way provides access to your computer or any information about you, other than the data you choose to share.

It is possible to set your computer browser to decline the cookies from all websites. How to do this varies depending on your browser. Your website browser’s help facilities should be able to explain how you can do this, although it may prevent you from taking full advantage of the website or links to other websites.

This website contains links to other websites that may be of interest. However, once you have used these links and leave the site, please note that does not have any control over other websites and cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites and, as such, these sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website you visit.

Practice Privacy Statement

The purpose of this statement is to explain how your data is used when contacting me by phone or email. It contains information on data that would be collected about you if you were to book an appointment and undertake sessions with me, and also explains any limitations to confidentiality.

What information is retained and for how long?
In order to fulfil my role as psychotherapist and counsellor I retain the following information for seven years from the date of your last appointment (as required by my professional indemnity insurance) before it is securely destroyed:
• Initial assessment record – handwritten notes of our initial meeting;
• Handwritten session notes – I make brief notes of the salient points of each session;
• Contact sheet that contains name, date of birth, phone number, email address, postal address, GP details (kept separate from session notes);
• The signed agreement;
• Bank statements that will show your name if you pay by bank transfer;
• Transcribed text messages or printed emails.
The above information is stored in a locked filing cabinet.

The following information is stored digitally:
• Invoices (if you have requested them) – retained for 5 years after the 31 January submission deadline of the relevant tax year (as per HMRC regulations);
• Enquiry emails – enquiries from potential clients are kept for 6 months before being deleted;
• Client emails – these are printed off and stored, before being deleted, if relevant for our work together;
• Your name, telephone number and email address are stored on my smartphone and laptop for the duration of our work together so that I can contact you. The information is deleted as soon as our work ends. Both my smartphone and laptop are password protected. My smartphone is encrypted with post IOS 7 security;
• I have a professional will in place so that, if I were incapacitated or were to die, your first name, mobile number and email address would be accessed by one of two trusted clinical psychotherapists so that they could inform you. This information is stored on Google encrypted cloud storage and is deleted as soon as our work ends.

Will your information be shared?
Your information is kept confidential, however there are exceptions to this:
If I believe you are at risk of harming yourself or others, I reserve the right to break confidentiality in order to prevent harm. However, I would only do this in extreme circumstances and would try to discuss it with you first before taking any action;
• From time to time I will discuss our work with a clinical supervisor. This is standard practice for psychotherapists at all levels of experience and it helps me to work as well as I can with you. (My supervision meetings are bound by the same code of ethics and confidentiality as I am);
• If required by a court of law to give evidence (e.g. in criminal proceedings).                                    • I am bound by law to report any information I receive concerning terrorism, drug trafficking, or money laundering;
• I have a professional will in place so that, if I were incapacitated or were to die, your first name, mobile number and email address would be accessed by one of two trusted clinical psychotherapists so that they could inform you.  This information is stored on Google encrypted cloud storage and is deleted as soon as our work ends;

Your rights:
You have the right to:
• request access or a copy of the personal data that I hold about you;
• request for any inaccurate or out of date information to be corrected and/or updated;
• request for your data to be erased that is no longer necessary for me to retain. Requests for your notes and information linked to identifying them as yours cannot be erased before the 7 year period. Notes are required for me to comply with legal obligations. This makes such information exempt from requests for erasure. However, any other data would be erased at your request;
• withdraw consent at any time for your information to be processed. Again with the exemption of note keeping and associated information;
• request for your data to be portable. This means that your information can be transferred to a different data controller.

For more details on your rights you can visit the Information Commissioner’s website:

If you have any concerns about how your information is held:
If you have any concerns about the information held about you then please either discuss this in one of our sessions or contact me on deborah(Replace this parenthesis with the @ sign) If you feel I was not able to resolve your concern you can contact the Information Commissioner’s Office on 0303 123 1113, by email at or by post to The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.