Privacy Policy

Secure Storage

With the client’s permission, I retain the following information:

  • Name
  • Date of birth
  • Telephone number
  • Email address
  • GP name and practice address
  • Basic information about family background e.g. siblings, parents, partners, children

Your personal information is stored securely, in locked files. Your address and phone number etc, are stored separately from any session notes. Your phone number and email are stored in my password protected phone under your personal code. I make brief, handwritten notes of counselling sessions as an aide-memoire and for supervision purposes. These notes are kept under non-identifiable client code; in the case of letters/emails to third parties requested by clients, a copy is retained with any personal information securely redacted. These are retained for 6 years (as a requirement of my insurance) and are then securely destroyed. All your date is used in a safe and ethical manner in line with EU General Data Protection Regulations May 2018 (GDPR). It is not shared with other people without your consent.

Right to Access

You have a right to ask for a copy off your personal information, free of charge (for the first request), in electronic or paper format. You also have the right to ask me to amend or change any incorrect information about you. I reserve the right to charge for any subsequent requests for your personal information.

Right to be Forgotten

You have the right to ask me to erase any information that I hold about you. This includes your personal information that is no longer relevant to original purposes, or if you wish to withdraw consent. In all cases and when considering such requests, these rights are obligatory unless it is information that I have a legal obligation to retain (e.g. for clients aged under 18 years).

Data portability

As the client, you have the right to receive your personal information which you previously provided. You also have the right to transfer that information to another party. For the purposes of the GDPR 2018, the ‘data controller’ is Hayley Barnett – trading as Hayley Barnett Counselling – sole trader.