Privacy Policy
Privacy Policy of windmill-counselling.co.uk
This Website collects some Personal Data from its Users.
Owner and Data Controller
Emma Utley
Owner contact email
TBC
Your privacy is important to me.
It is my policy at Windmill Counselling to respect your privacy regarding any
information I may collect from you across windmill-counselling.co.uk. This privacy
policy will inform you as to how I look after your personal data when you visit this
website and tell you about your privacy and rights and how the law protects you.
Your continued use of windmill-counselling.co.uk will be regarded as acceptance of
my practices around privacy and personal information and that you are agreeing to be
bound by my terms and conditions, all applicable laws and regulations, and agree that
you are responsible for compliance with any applicable local laws. For the purposes of
the General Data Protection Regulations (GDPR) May 2018, the data controller is
Emma Utley. I am registered with the ICO No: ZA628871.
1. Right to be informed: I am required to inform you how windmill-counselling.co.uk
collects, stores and disposes of your data in the form of written documents, client
notes, emails, contact forms, cloud-based client data storage, text messages,
voicemails, website visits and appointment updates through text or email. Data,
collected with your knowledge and consent, is collected solely to provide an
appropriate service. Personal information provided by you is for referral and
commencement of the service only. Emails are processed by Microsoft and hence
subject to their privacy policies. I recommend that no sensitive information be shared
via email.
Your personal information will be used only to provide you with my services and to
give you information relating to my services. I will not share your personal details
with any other person or organisation without your knowledge and permission, except
where required by law.
If there is a safeguarding issue, or a perceived risk of harm to self or others, personal
information may be shared with relevant third parties.
Personal data or personal information means any information about an individual
from which that person can be identified, such as your name and contact details. It
does not include data where the identity has been removed (anonymous data). Basic
written contact details such as Name, Age, Address, GP information will be stored
securely. Written notes will be coded with your initials and date of first session. (e.g
LCJan21) and kept separate to your contact details. Written notes will be kept secure
for 7 years after your last therapy session in line with my insurance policy. After such
time they will be shredded. Emails, texts, voicemails will be kept for up to 7 days
after your sessions have ended, after which time I will delete them.
All electronic devices which hold personal data are password protected and stored
securely with reasonable measures to prevent loss and theft, as well as unauthorised
access, disclosure, copying, use or modification. Please note I may retain your
personal data for a longer period than set out above in the event of a complaint or
dispute.
If you have any questions about how I handle user data and personal information,
please feel free to contact me via the ‘contact’ section of my website. You have the
right to make a complaint at any time to the Information Commissioner’s Office
(ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). I
would, however, appreciate the chance to deal with your concerns before you
approach the ICO so please contact me in the first instance.
2. How your data will be used: I will only use your personal data when the law allows
me to. Most commonly, I will use your data in the following circumstances:
Where I need to perform the contract we are about to enter into or I have entered into
with you.
Where it is necessary for our legitimate interests (or those of a third party) and your
interests and fundamental rights do not override those interests; or
Where we need to comply with a legal obligation.
Your data will be used, for example, to register you as a new client and in the course
of performance of my contract with you.
I will only use your personal data for the purposes of which I collected it, unless I
reasonably consider that I need to use it for another reason and that reason is
compatible with the original purpose. If you wish to get an explanation as to how the
processing for the new purpose is compatible with the original purpose, please contact
me.
If I need to use your personal data for an unrelated purpose, I will notify you and I
will explain the legal basis which allows me to do so.
Please note I may process your personal data without your knowledge or consent in
compliance with the above rules, where this is required or permitted by law.
3. Right to access: You have the right to request a copy of the information held on
you. I may need to request specific information from you to help me confirm your
identity and ensure your right to access your personal data (or to exercise any of your
other rights). This is a security measure to ensure that personal data is not disclosed to
any person who has no right to receive it.
4. Right to rectification: You have the right to correct any inaccurate or incomplete
data.
5. Right to be forgotten: In certain circumstances, you can ask for the data I hold on
you to be erased from my records, unless I have a legal obligation to retain the
information.
6. Right of portability: You can request that I transfer any data I hold on you to
another company.
7. Right to restrict processing: You can request that I limit the way I use your personal
data.
8. Right to object: You have the right to challenge certain types of processing, such as
direct marketing.
9. Right related to automated decision-making including profiling: You are free to
request a review of automated processing if you believe the rules aren’t being
followed.
I reserve the right to update this document and terms and conditions at any time
without prior notice.
Please see my Cookie policy for information on how this website uses Cookies.
Should you choose to engage my services, I will ask you to sign a copy of this Privacy
Statement to confirm you have read and understood this statement and that you
consent to your personal information being collected, stored and used in this way.
This policy is effective as of 19 th July 2024.