Privacy Policy

Last updated: January 2024

1. Introduction

Karin Young Counselling ("we", "our", "us") is committed to protecting your personal data and respecting your privacy. This privacy policy explains how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

As a counselling service, we understand the particularly sensitive nature of the information you share with us. We treat all personal and therapeutic data with the highest level of care and confidentiality.

2. Data Controller

The data controller responsible for your personal data is Karin Young Counselling, based in South London, United Kingdom. If you have questions about how your data is handled, you can contact us at [email protected] or by telephone on 07588 771704.

3. Information We Collect

We may collect and process the following categories of personal data:

• Contact information: your name, email address, telephone number, and postal address.
• Enquiry information: details you provide when completing our contact form or during an initial consultation call.
• Health and wellbeing data: information about your mental health, personal history, and therapeutic needs shared during sessions. This is classified as special category data under UK GDPR.
• Session records: brief clinical notes taken for the purpose of providing continuity of care.
• Technical data: if you use our website, we may collect your IP address, browser type, and pages visited through cookies or analytics tools.

4. Lawful Basis for Processing

We process your personal data on the following legal bases:

• Consent: when you contact us or agree to begin therapy, you consent to us processing your data for the purpose of providing counselling services.
• Legitimate interest: to respond to enquiries and manage our practice effectively.
• Vital interests: in rare circumstances where there is an immediate risk of harm to you or another person.
• Legal obligation: where we are required to disclose information by law or court order.

For special category data (health information), the lawful basis is explicit consent, which you provide when agreeing to engage in therapy.

5. How We Use Your Information

Your personal data is used for the following purposes:

• To respond to your enquiry and arrange consultations.
• To provide counselling and therapeutic services.
• To maintain clinical records as required by professional standards.
• To communicate with you about appointments and your ongoing care.
• To comply with legal and regulatory obligations.

6. Confidentiality and Disclosure

Everything discussed in therapy is confidential. We will not share your personal information with any third party without your explicit consent, except in the following limited circumstances:

• Where there is a serious and imminent risk of harm to you or another person.
• Where disclosure is required by law or court order.
• Where there is a safeguarding concern involving a child or vulnerable adult.
• In the context of clinical supervision, where your identity is anonymised.

7. Data Storage and Security

Your personal data is stored securely and access is restricted to authorised personnel only. Client records are kept in encrypted digital storage. Paper records, where used, are stored in a locked location. We take appropriate technical and organisational measures to protect your data from unauthorised access, loss, or damage.

8. Data Retention

Clinical records are retained for a minimum of seven years from the date of your last session, in line with professional guidance and insurance requirements. Contact form submissions and enquiry data are retained for up to 12 months after the last communication. After the relevant retention period, data is securely deleted or destroyed.

9. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

• Right of access: to request a copy of the personal data we hold about you.
• Right to rectification: to request correction of inaccurate or incomplete data.
• Right to erasure: to request deletion of your data, subject to legal and professional obligations.
• Right to restrict processing: to request that we limit how we use your data.
• Right to data portability: to request your data in a structured, machine-readable format.
• Right to object: to object to processing based on legitimate interest.
• Right to withdraw consent: to withdraw your consent to data processing at any time.

To exercise any of these rights, please contact us using the details provided above.

10. Cookies

Our website may use cookies to improve your browsing experience and to collect anonymised usage data. You can control cookie settings through your browser. Disabling cookies will not affect your ability to contact us or access information on this site.

11. Third-Party Services

Our website may contain links to third-party services such as scheduling tools or social media platforms. These services have their own privacy policies, and we are not responsible for how they handle your data. We encourage you to review the privacy policies of any third-party service you use.

12. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection.

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

13. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page with an updated revision date.