Statement of Intent
This policy sets out how we at Love to Feel Good use and protect the information that you provide when you use our services and our website.
It is our intention to ensure that any data you provide is managed respectfully, kept secure and only used for the purposes for which it has been provided.
This policy will be updated from time to time in line with prevailing legislation.
When you contact us via our website, phone or email we will collect your:
And any information you choose to supply regarding the purpose of your enquiry.
What we do with this information
We use this information in order to make contact with you to discuss your requirements.
Data collected at the Initial Consultation
We need to collect your GP contact details and health information: there are some conditions which are contraindicated for hypnotherapy. Sometimes we need to make contact with your GP if this is relevant to your treatment.
We use the Initial Consultation Form during your first appointment to collect data about your general emotional well-being, about any physical symptoms of anxiety, the reasons for your visit and any other information that you may want to share with us. All information is confidential and we do not share it unless we are required to do so by law or in circumstances arising potentially affecting your personal health and safety or safety of other persons. Please see ‘Your Rights’ for further details.
Use of data in research
We collect anonymous data from clients to measure our outcomes to ensure that we deliver the highest possible standard of treatment. We do this by using the CORP software that has been specifically designed for Solution Focused Hypnotherapy. The data collected measure seven aspects of your emotional wellbeing. These are levels of your: Positive Thoughts, Positive Interactions, Positive Actions, Confidence, Strengths and Resources, Achievements and Happiness. We collect this data via Bar Chart at each session to monitor progress. Each client is registered anonymously under a number, their condition, age and gender. This data is also used for research purpose to allow for these to be collected nationally in order to measure the effectiveness of Solution Focused Hypnotherapy. You can opt out of this data collection at any stage of the treatment by letting us know in witing.
Data collected during sessions and after the therapy
In the course of our sessions we will make notes of information you provide to us in order that we can plan future sessions and produce language patterns which will be used in session.
After your therapy finishes we will send you a Feedback Form to learn from you about your experience. You can opt out of this. We use this feedback to review the standard of our service.
We receive personal data into Love to Feel Good by these means:
- text message
- voicemail message
- third party e.g. receptionist
- via an internet website
- via a referral
- in person
- social media
Once we identify that we receive personal data from a specific means, we next secure those means, protecting:
- mobile phones, physically and also ensuring they are password-protected, ensuring there is security on the content itself
- computers and lap tops are safeguarded and password protected, private information cannot be accessed by other users
- phone messages, everyone who takes messages has been trained in GDPR
- hard copy files are stored in a locked cabinet behind a locked door.
- internet sites are protected by security
Reasons and purposes of information processed
- We process personal information to enable us to provide health services to our clients, to maintain our accounts and records. We have a obligation to keep our records for 8 years, after this your information will be securely destroyed. Children’s data is stored until they reach 25. If a client is 17 years old at the start of the therapy, their data is kept until the age of 26.
Under the General Data Protection Regulations which are effective from 25thMay 2018 you have the following rights:
The GDPR includes the following rights for individuals:
- the right to be informed (which is why we have produced this policy).
- the right of access (if you wish to see your file then please make a request in writing to Veronika Geeson at email@example.com, the Data Processor. We will provide you with the information within 30 days of your request).
- the right to rectification (this is your right to request changes to any information we hold that is factually inaccurate. If you believe any of the information we hold about you is incorrect then please let us know as soon as possible and we will make the appropriate changes
- the right to erasure (given the nature of our work we are required to hold our details for a period of 8 years, after this your information will be securely destroyed.) Children’s data is stored until they reach the age between 21 and 25. If a client is 17 years old at the start of the therapy, their data is kept until the age of 26.
- the right to restrict processing (we will only use the information for the purposes that we have stated: most standards of confidentiality applied in professional contexts are based upon the Common Law concept of confidentiality where the duty to keep confidence is measured against the concept of “greater good”. If in the therapist’s opinion there is good cause to believe that not to disclose would cause danger or serious harm to self, the therapist or others, your GP or other appropriate agencies may be contacted. Only information required to ensure safety of relevant parties would be disclosed. Information may have to be disclosed without consent for the prevention, detection or prosecution of a crime. The sharing of anonymous case histories with supervisors and peer support groups is not a breach of professional confidentiality
- the right to data portability: we will not share your information, other than in the situations described above, without your specific consent
- the right to object (we will not contact you for marketing purposes unless you have given us specific agreement to do so)
- the right not to be subject to automated decision-making including profiling (we will not use your information for profiling purposes).
We use a data processor for the purposes of administration (including appointment making) and accounts. The data processor is trained for GDPR purposes and fully compliant with the requirements.
The clinic premises may operate CCTV surveillance for the purposes of security. We have received written assurance from the owners of the premises that any data obtained via CCTV is protected in accordance with the GDPR.
Cookies are small files which ask permission to be placed on your computer’s hard drive so that we can analyse web traffic to our site. Through this we can see which of our website’s pages are being viewed and are of interest. Most web browsers automatically accept cookies but you can modify your setting to decline them if you prefer. If you choose to do this you may find you cannot make full use of our website.
Links to other websites
ICO Registration No: ZA344546