Privacy Statement



Your privacy and confidentiality are treated with great care. Personal information is handled in accordance with the UK General Data Protection Regulation, the Data Protection Act 2018, and the ethical framework of the British Association for Counselling and Psychotherapy.

I collect and process personal information in order to provide psychotherapy services, manage appointments, maintain clinical records, communicate with clients, manage payments, meet professional obligations, and comply with legal, safeguarding, insurance, accounting, and regulatory requirements.

The information I may collect includes your name, contact details, GP details, emergency contact details, relevant health and personal history, assessment information, consent forms, therapy notes, EMDR notes, reports or letters, correspondence, appointment information, payment records, and limited enquiry information.

Records are kept only where necessary to support safe and effective therapeutic work. Therapy notes are concise and focused on relevant clinical information. They are not detailed transcripts of sessions.

Clinical records are stored securely in Proton Drive and on a secured MacBook. My official private-practice email system is IONOS. Hospital email is used only for hospital-related work and is kept separate from private-practice records.

Google Calendar may be used for appointment management, using first names or client codes only where possible. FreeAgent and PayPal may be used for financial records. Proton Meet or Microsoft Teams may be used for online meetings. Microsoft Business may be used for limited business tasks, such as drafting documents or creating resources. Final clinical documents and client records are stored in Proton Drive.

WhatsApp, SMS, telephone, email, and voicemail may be used for brief communication about appointments or practical matters. These are not used as the formal clinical record. Gmail is treated as a legacy system and is not used as the standard private-practice communication route.

I do not routinely keep audio or video recordings of therapy sessions. Where a recording or transcript is created for clinical notetaking, administration, accessibility, or accuracy, it is treated as temporary working material. Recordings are deleted once no longer needed. Transcripts are normally deleted within a few days once the clinical note or relevant record has been completed, unless there is a specific documented reason to retain them.

I may use digital tools, including AI-assisted tools, to support administration, drafting, formatting, summarising, or creating therapy resources. Identifiable client information is not entered into cloud-based AI tools. Where AI tools are used, information is de-identified first, and any output is reviewed by me before being used.

Confidentiality is central to therapy. Information will not be shared with third parties unless there is a legal, ethical, safeguarding, or professional obligation to do so. This may include serious risk of harm, safeguarding concerns, legal obligation, court order, terrorism concern, money laundering concern, or another situation where disclosure is required or justified. Where information is shared, only the minimum necessary information will be disclosed.

As part of professional practice, anonymised material may be discussed in clinical supervision to support safe and effective therapeutic work.

Clinical records are normally retained for five years after therapy ends. Before deletion, the record is reviewed. Records may be retained for longer only where there is a documented reason, including complaint, safeguarding concern, legal request, insurance issue, unresolved fee dispute, ongoing risk issue, or professional advice indicating that longer retention is necessary.

Unconverted enquiries are normally deleted after six months unless there is a documented reason to retain them for longer.

You have rights under data protection law, including the right to request access to your personal data, ask for inaccurate information to be corrected, ask for restriction of processing, object to processing in some circumstances, request erasure in some circumstances, and complain to the Information Commissioner’s Office.

Therapy is not an emergency service. Email, WhatsApp, SMS, voicemail, and other messages are not monitored continuously. If there is immediate risk to life or safety, clients should contact emergency services, attend A&E, contact NHS 111 where appropriate, contact their GP, or use an appropriate crisis service.

Any questions about privacy or confidentiality can be discussed at any time.