Privacy and Confidentiality policy
I take your privacy seriously, it’s one of the foundations of a trusting relationship. I will only hold and use your personal data in ways you have freely consented to. Your personal data is defined as anything that can be used to directly or indirectly identify or contact someone.
I am required to keep records for business and insurance purposes. By signing the New Client Information form you give consent for me to hold and use your personal data. In line with this policy.
I will seek additional consent to use your words or image in publicity materials.
What data do I hold?
New client forms
These are electronic and are stored online and backed up on a hard drive. They are protected by strong passwords.
These will be deleted 7 years after your last appointment.
Contact data
This will be held in a mail server which is securely stored online, protected by strong passwords. Contact details may also be held in my mobile phone which is password protected.
These will be deleted 7 years after your last appointment.
Images and photo consent forms are stored online and backed up on a hard drive, protected by strong passwords.
These will be deleted 7 years after your last appointment.
I will never share your contact data.
Client notes
These are a record of each treatment that I write on paper at the beginning of each session and afterwards. I am required to keep these for 7 years for insurance purposes.
Paper records are filed in a lockable filing cabinet, only accessible by me.
These will be destroyed 7 years after your last appointment.
Your rights under GDPR
You have to right to see what information I have stored within 1 month of the request.
You have a right to complain to the ICO if you feel that I have mishandled your personal data in any way.
You have the right to erasure, with some exceptions. The requirement to hold records for insurance purposes is a valid reason for exemption.