top of page

Therapy Lodge Privacy Policy

Your privacy is taken seriously and as a result, I adhere to the data protection legislation including the General Data Protection Regulation

(the GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.  Your data and personal information will only be used for the purpose given to me and as explained below.  Please note that I’m required to have regular supervision with a registered UKCP therapist however any personal identifying information (PII) is kept to a minimum to ensure your privacy.

 

Contact Details:

The registered address is 2 Selwyn Court, 1 Fitzwilliam Close, London, N20 0AQ.

I am also registered as a data controller with the Information Commissioner’s Office (ICO). Registration number ZB520679.

The ‘data controller’ is the person or company that determines the purpose for the data collected and how it is collected and stored.

If you have any questions about this privacy policy, you may contact me by:

​

Email: tijen@therapylodge.co.uk

Phone: 07480106924

Or using the registered address given above.

​

This privacy policy may be modified occasionally as regulations are revised and any changes will be amended on the website.

 

The Lawful Basis for Processing Data:

The lawful basis for processing your personal data is for legitimate interests.  I will collect and process your data solely for the purpose of the agreed contract of which is necessary and reasonably expected of me.

You may disclose sensitive personal information about yourself which I’m legally obliged to collect, process and store safely.  The GDPR calls this ‘special category personal information’.  The lawful basis for processing special category information is for the provision of health treatment (therapy) and necessary for a contract with a health professional.

 

How your data is used:

​

Initial contact

When you contact me either by phone, email or via the contact form on my website to discuss therapy, I will collect information that is relevant to fulfil the enquiry.  This includes the following:

​

  • Name

  • Email address or other contact information

  • Reason for the enquiry (you do not have to provide much detail about your reason for wanting to attend therapy)

​

If you do not proceed, I will delete all the personal data provided to me within one month.  Please contact me if you would like your personal data deleted any sooner.

Your personal data will only ever be used to aid in the service I provide you.  Your email address, phone number and any other contact details will only be used to contact you about your appointment and anything else you have given consent for me to send you that may help with your sessions.

​

During therapy

During our first appointment (this is not the initial consultation) I will ask you to complete a form which will collect the following personal information about you:

​

  • Name

  • Address

  • Date of birth

  • Contact information

  • Preferred method of contact

  • Medical history

  • Contact details for your GP

​

​Please be assured that your GP will only ever be contacted if I feel it is necessary and will seek consent from you wherever possible before doing so. Everything you share with me within our sessions is confidential and I’m required by law to protect your confidentiality.  I also abide by the UKCP code of ethics regarding your privacy and confidentiality.  Confidentiality will be broken if there is a legal requirement for me to do so.  This includes the following:

  • A court order which requires me to disclose information about you.

  • To prevent or provide knowledge of a serious crime including an act of terrorism, drug trafficking or money laundering.

  • If I observe physical signs that an act of female genital mutilation may have been carried out on a girl under the age of 18 or I am informed by a girl under the age of 18 that she has undergone an act of female genital mutilation.

  • If I am concerned about the welfare of a child or vulnerable adult.

  • If I believe that you may intend serious harm to yourself or to others.​

​​

​I may break our normal confidentiality if I become aware (or have good reason to believe) that you have knowledge of:

  • A past, present or future incident/situation that may be dangerous or harmful to you, another adult or a child and that is not known to the relevant authorities.

  • Future or past criminal activity that has not been resolved in law. This means any criminal activity, of which the relevant authorities are either unaware or a case they know about which they consider not to be closed (provided you do not present information in therapy which would reasonably re-open the case). This does not include parking or traffic offences unless there is intent, by you or anyone else, to cause danger to yourself or others, or that it is deemed to be a serious offence.

​​

If an occasion arises where I feel confidentiality must be broken, I will always attempt to discuss this with you first unless there are safeguarding issues which prevent this.

​

For our purposes a serious offence is:

‘Murder, manslaughter, rape, treason, kidnapping, child abuse or other cases where individuals have suffered serious harm or there is serious harm to the security of the state or to public order and crimes that involve substantial financial gain and loss.’

​

Any personal information retained on paper is kept securely in a locked filing cabinet that can only be accessed by me or my clinical supervisor and will not be shared with any third parties.  Any contact details or personal information on a device connected to the internet which includes my work smartphone and laptop are password and VPN protected, use encryption software and have firewalls set up where relevant.  Only my clinical supervisor and I have the password details to access these devices. 

​

Any notes I make of our sessions are made purely to support the work we are doing together and are kept to a minimum.  These are kept in a locked filing cabinet and do not include any personal information which may identify you. Your case notes are kept digitally on a device connected to the internet which includes my work smartphone and laptop which are password and VPN protected, use encryption software and have firewalls set up where relevant. Only my clinical supervisor and I have access to this and the information within will not be shared with any third parties.

​

I may discuss your case with my clinical supervisor who will have access to your contact details in case I am unexpectedly unable to contact you and will offer ongoing care.  My supervisor is a therapist who is a registered member of the UKCP and abides by their code of ethics.

​

I do not keep any email, text, or electronic message correspondence for more than one month.  If there is relevant information contained in the correspondence between us, I will print this and keep it securely in a locked filing cabinet that only I can access.

​

After therapy has ended

I will keep your personal information, including contact details and case notes for 7 years after our last session together at which point all personal information about you will be securely destroyed.  This includes any records I have about you on paper, which will be shredded, and any information stored digitally which will be securely deleted. 

 

Third party recipients of personal data:

There may be occasions where I share a limited amount of your personal data with third parties specifically for tax and accounting purposes of which I’m legally required to comply with.  For example, my accountant is authorised to access my invoices for tax purposes.  Please be assured that the organisations I work with have been carefully chosen and have data agreements in place to ensure that they do not use any of your personal information in any other way other than the task in which they’ve been contracted.  Your personal information will never be given to a third party for the purpose of sales, marketing, or research.

​

If you pay for each session electronically, a third-party payment processor is used to process the transaction and as such they will hold your data.

​

How I keep your data secure:

The security of your personal data is important to me, and I take every effort to make sure it is kept and disposed of securely.  Please see above for more information on how and where your data is held.

 

Protecting your own data:

I take all the necessary precautions to ensure your personal data is safe however I am not in control of any data you send me (including emails).  Please ensure that you protect your own data when considering what email address to use when contacting me, for example, and if any documents you send over need to be password protected.  Additionally, please consider the contact information you give me and if this is a secure method for me to communicate with you to protect your privacy.

 

Visitors to the website:

My website uses cookies which is a small amount of data generated by a website and saved by your web browser.  I use this information in conjunction with a third-party service called Google Analytics to collect standard internet log information and details of visitor behaviour patterns.  This data is anonymised and is processed in a way that does not identify anyone.  I collect and use this data in this way to improve my website.  I do not allow Google to make any attempt to find out the identities of people visiting my website.  I only collect the anonymised data I need to improve my service to you and do not give your data to any third parties for the purpose of sales, marketing, or research. Read the Google Analytics Privacy Notice here.

​

When you visit my website, I use legitimate interests as my lawful purpose for holding and using your personal data in this way.

I use Wix as the content management system for the website and you can find out about their data protection policy here.

If you decide to use the contact information form on my website, this data will be temporarily stored on the web host before being sent to me.

 

Your rights:

You have several rights to access your personal data under the General Data Protection Regulation (the GDPR) and Data Protection Act 2018 (DPA).  You can read more about your rights here.

​

You have the right to ask me to delete your personal information, to limit how I use your personal information, or to stop me from processing your personal information.

You have the right to request that I correct any personal information I hold about you which is inaccurate or needs updating.

You have the right to request that any personal information I hold about you is transferred to another individual or company.

You have the right to request a copy of any personal information I hold about you which will include the following:

  • A description of what the information is and how I got it

  • Tell you why I am holding it and how long I will store it for

  • Tell you who it could be disclosed to

  • Provide you with a copy of this information in an understandable way

​​

To make a request for any information related to your rights as listed above, please do so in writing by emailing tijen@therapylodge.co.uk.  If you make this request from an email address I do not recognise, I may ask for more information to confirm your identity.  I aim to respond to your request within 30 days, unless not possible to do so.  Please be aware that in some instances it may not be possible for me to comply with your request.  For example, if I am required by law to retain information about you by a court order.

 

Complaints and queries:

If you are unhappy with how I handle your personal data, please do get in touch with me in writing via email at tijen@therapylodge.co.uk.  I welcome any feedback in how to improve my services and your complaint will be taken seriously.

If you would like to make a formal complaint about the way I have used or processed your personal data, you can contact the ICO which is the statutory body that oversees data protection law in the UK.  For more information go to ico.org.uk/make-a-complaint.

bottom of page