top of page

Privacy Policy

The General Data Protection Regulation 

 

This privacy policy governs the manner in which Jennifer Fox uses, maintains and discloses information collected from clients using Time2Breathe services.  This privacy policy applies to the practice services offered by Jennifer Fox: online, by telephone/video call (Skype or other) or within her private practice. If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

 

Clients seeking therapy will be issued with a paper copy of the Privacy Policy at their Initial Assessment which contains the following information and they will be asked to sign that they understand and agree with how information is collected, stored and held before therapy can commence.

 

Personal Information I collect:

  • Name

  • Occupation

  • Address

  • Preferred contact number (and details of numbers not to call)

  • Counselling history

  • Medical conditions relevant to counselling

  • Medications

  • Client expectation from counselling

  • Doctors or other key specialists contact details (for emergencies)

 

How I store information:

 

Handwritten notes pertaining to sessional content and personal details are kept separate in a locked cabinet.

 

Mobile phone: My work mobile phone is locked and is only accessible using a password. I store contact numbers, but I do not save any full names to numbers, only first names and initials.

 

Email/texts: Email addresses are stored in my Outlook account which is password protected. Text messages are sent to contact numbers identified as above.

 

Website. No personal information is stored on my website other than to momentarily collect and send enquiries to my outlook account for initial contact purposes. They are not stored anywhere after that. Our website interaction with customers is secured using ‘https’ technology. We will notify you and any applicable regulator of a breach where we are legally required to do so.

Third party websites: Clients may find content on my website that links to the sites of other third parties (for example helpful websites, emergency crisis sites). I do not control these sites which have a link to mine, and I am not responsible for how they collect, store or use information

 

Documents held:

  • Contract/Agreement form (client is issued with a copy at commencement of counselling and a copy is held by the counsellor for reference.)

  • Privacy statement signed by client. (client is issued with a copy at commencement of counselling and copy is held by the counsellor for reference.)

  • Assessment form

  • Contact details

  • Client session notes, kept for 5 years to comply with insurance policy terms. 

    • To adhere to BACP good practice guidelines (GP067 – Practical Aspects of Record Keeping) We at Time2Breathe will need to keep separate subjective process/ reflective notes. These notes must be kept completely anonymously, and this means no identifying features must link them to the client. In this way the notes remain the property of the counsellor and part of the process of refection or training. If these notes are completely anonymised, then they are not subject to GDPR.​

 

How I may share your personal information:

  • Supervision: I attend monthly clinical supervision to ensure my practice remains safe and ethical. Session details and client first name may be shared with my Supervisor.   

  • Therapeutic Will: Your name and contact details will be shared with my Therapeutic Executor so that in the unlikely event of my sudden death you can be contacted should you still be in therapy with me. My Therapeutic Executor will sign a confidentiality agreement document.

  • Emergencies: If your health is in jeopardy, I may share your details with a healthcare service professional such as your GP or Mental Health Crisis Team.              

 

Erasing your information: All electronic enquiries are erased after 3 months. All texts and contact numbers are erased 3 months following the cessation of therapy.

 

I hold your written information for up to 5 years following the cessation of therapy. This is so I have a reference should you decide to return to therapy in the future, also to comply with my professional insurance requirements. 

 

Your Rights:

  • Right to Access: You have the right to ask for a copy of your personal information, free of charge, in an electronic or paper format. You also have the right to ask me to amend or change any incorrect information about you.

  • Right to be Forgotten: You have the right to ask me to erase any information that I hold about you. This includes your personal information that is no longer relevant to original purposes, or if you wish to withdraw consent. In all cases and when considering such requests, these rights are obligatory unless it’s information that I have a legal obligation to retain.

  • Data Portability: As the client, you have the right to receive your personal information which you previously provided, also you have the right to transfer that information to another party. For the purposes of the General Data Protection Regulations (GDPR) 2018, the data “controller” is Jennifer Fox (Time2Breathe)   

  • Right to Object: You have the right to bring a claim before your competent data protection authority

 

Definitions and Legal References

 

Personal Data (Data)

Any information that directly, indirectly, or in connection with other information allows for the identification of a natural person.

 

Usage Data
Information collected automatically through the website which can include: the IP addresses or domain names of the computers utilised by the Users who use the website, the time of the request, the method utilised to submit the request to the server, the country of origin, the browser and the operating system, the time details per visit and the path followed within the website and other parameters about the device operating system and/or the User’s computer environment.

 

User
The individual using the website who, unless otherwise specified, coincides with the Data Subject.

 

Data Subject
The natural person to whom the Personal Data refers.

 

Data Processor
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

 

Data Controller (or Owner)
The Data Controller, unless otherwise specified, is the Owner of this Website.

 

This Website
The means by which some of the Personal Data of the User is collected and processed.

 

Services
The services provided by this Company (Time2Breathe) as described in this Privacy Policy.

 

European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

 

Cookies
A small piece of Data stored in the User’s device.

bottom of page