Privacy policy.
Who I am and how I process your personal data
Therapy with Amy complies with her obligations under the General Data Protection Regulation (GDPR) by keeping personal data up to date; by storing (and destroying it) securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
I use your personal data for the following purposes
To deliver the service that you have requested;
To contact those clients as necessary in accordance with the services they have requested;
To maintain my own accounts and records.
Individual client data will never be passed to a third party without the express consent of the respective client, always provided that such confidentiality is neither inconsistent with the therapist’s own safety or that of the client, the client’s family members or other members of the public, nor in contravention of any legal action or legal requirement.
In accordance with my need to maintain the possibility of access to client data as a result of returning clients or those who may wish to lodge a complaint in respect of our professional services to either our professional body or our insurers (i.e. in all cases perhaps after a long period of time has elapsed), I retain client data for a minimum period of 7 years.
We may collect, store and use the following kinds of personal information about individuals who visit and use our website:
Information you supply to us. You may supply us with information about you by filling in forms on our website. We share this information with Squarespace, our online store hosting provider, so that they can provide website services to us. This includes information you provide when you submit a contact/enquiry form, book a session. The information you give us may include your name, address, e-mail address and phone number.
Information our website automatically collects about you. With regard to each of your visits to our website we may automatically collect information to power our site analytics, including the following:
Information about your browser, network, and device
Web pages you visited prior to coming to this website
Your IP address
This information may also include details about your use of this website, including:
Clicks, Internal links, Pages visited, Scrolling, Searches, Timestamps
We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity.
Information we automatically collect about you will be used:
to administer our site including troubleshooting and statistical purposes;
to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
security and debugging as part of our efforts to keep our site safe and secure.
This information is collected anonymously and is not linked to information that identifies you as an individual. We use Google Analytics to track this information. Find out how Google uses your data at https://support.google.com/analytics/answer/6004245.
We do not rent, sell or share personal information about you with other people or non-affiliated companies.
We will use all reasonable efforts to ensure that your personal data is not disclosed to regional/national institutions and authorities, unless required by law or other regulations.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Cookies
This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies dropped on your device, visit The cookies Squarespace uses.
These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.
These analytics and performance cookies are used on this website, as described below, only when you acknowledge our cookie banner. This website uses analytics and performance cookies to view site traffic, activity, and other data.
My Lawful Basis for processing client personal data
The GDPR states that I must have a lawful basis for processing your personal data. There are different lawful bases depending on the stage at which I am processing your data. I have explained these below: If you have had therapy with me and it has now ended, I will use legitimate interest as my lawful basis for holding and using your personal information. If you are currently having therapy or if you are in contact with me to consider therapy, I will process your personal data where it is necessary for the performance of our contract. The GDPR also makes sure that I look after any sensitive personal information that you may disclose to me appropriately. The lawful basis for me processing any special categories of personal information is that it is for provision of health treatment (in this case therapy) and necessary for a contract with a health professional (in this case, a contract between me and you).
How I use your data
Initial contact. When you contact me with an enquiry about my therapy services I will collect information to help me satisfy your enquiry. This will include your name, email address, phone number, the issue you are seeking support for.
While you are accessing therapy. Everything you discuss with me is confidential. Please particularly note that your practitioner’s therapeutic notes (or any element from them) are only available to them and will not be shared with anyone else, except in the following cases:
(1) with emergency services and/or other people or professionals involved in your care, in the following circumstances: a. in cases of terrorism, drug trafficking or money laundering; b. if you are at risk to yourself or someone else; or c. where you or others are in danger;
(2) anonymously within your practitioner’s clinical/peer supervision;
(3) if your practitioner is ordered by a court of law;
(4) pursuant to your practitioner’s “therapeutic will” (which means therapeutic notes will be passed to another therapist, probably your practitioner’s clinical supervisor, for safekeeping in the event of their death or loss of capacity), in which case your therapeutic notes will be held to the same standard as set out in this agreement.
I will collect and keep a record of your personal details to help the therapy services run smoothly. These details are kept securely and are not shared with any third party. I will keep written notes of each session, these are kept securely.
After therapy has ended. Once therapy has ended your records will be kept for 7 years from the end of our contact with each other and are then securely destroyed. If you want me to delete your information sooner than this, please tell me.
Email Marketing
This website operates an email newsletter program using Flodesk email marketing software, used to inform subscribers about products and services supplied by this website, and blog posts/news/articles/products/services that may be relevant. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
All personal details relating to subscriptions are held securely and in accordance with the GDPR law. Under the GDPR law you may request a copy of personal information held about you by this website's email newsletter program.
Email marketing campaigns published by this website or its owner via the email software may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database stored on the email software for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity. This information is used to refine future email campaigns and supply the user with more relevant content based around their activity. Subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
The right to request a copy of your personal data which Therapy with Amy holds about you;
The right to request your personal data is erased where it is no longer necessary for Therapy with Amy to retain such data;
The right to withdraw your consent to the processing at any time;
The right to request that I provide the client with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable).
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
The right to object to the processing of personal data, (where applicable)
The right to lodge a complaint with the Information Commissioners Office. (See below).
Third party links
Our site may, from time to time, contain links to and from the third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Third party recipients of personal data
I sometimes share personal data with third parties, for example, where I have contracted with a supplier to carry out specific tasks. In such cases I have carefully selected which partners I work with.
I may share your personal data with the parties set out below:
• service providers who provide IT, financial and system administration services;
• professional advisers including lawyers, bankers, accountants and insurers who provide consultancy, banking, legal, insurance and accounting services;
and • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.
I require all third parties to whom we transfer your information to respect the security of your personal information and to treat it in accordance with the law. I only allow third parties to process your personal information for specified purposes and in accordance with my instructions.
Complaints Notice
The client has the right to complain to the Independent Commissioner’s Office (ICO) if they think there is a problem with the way I am handling their data.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.
Contact
Questions, comments and requests regarding this privacy policy should be addressed to Amy Townsend:
hello.therapywithamy@gmail.com