It is important that the information collected about you is kept safe and handled carefully. As a registered data controller with the Information Commissioners Office, Serenity Counselling complies with the General Data Protection Regulations and the Data Protection Act 2018. The following information provides details of the information processed about you when you enter counselling.

Prior to the first session of counselling, information about you will be collected. Here’s a list of the information requested:

• name
• date of birth
• home address
• phone number
• email address
• emergency contact name and number
• if you have a disability or mental health issue
• what medication you may be taking for a mental health issue
• name of doctor’s surgery and address 
• other health information 

In addition, a brief written record will be created which will include the main aspects of what is discussed between you and the counsellor during each session.

The information is collected for the following reasons:

• To adhere to insurance requirements 
• To adhere to the requirements of our professional body, the British Association for Counselling and Psychotherapy (BACP) 
• To help support you further if your situation significantly deteriorates 
• To support the continuity and accountability of the counselling process 
• To provide you with appointment details and self-help material 
• To contact you in case of cancellation or to discuss an onward referral (e.g. referral to a GP or other service) 
• To contact your GP or those who care about you in case of an emergency

Personal information about you is processed in order to fulfil the counselling contract between you and Serenity Counselling, or because you have asked Serenity Counselling to take specific steps before entering into a counselling contract.

Information about you will only be shared under the following circumstances:

• It is a requirement of the BACP that counsellors receive regular supervision in order that clients receive the best possible provision of counselling. During that supervision your identity is changed. Supervisors also adhere to a strict code of confidentiality. 

• If it becomes apparent during a session, or in consultation with a supervisor, that there is an imminent risk of significant harm to you or to others, then disclosures may have to be made to the appropriate agencies. This is usually done in consultation with you and only information concerning the risk would be disclosed.

• By requirement of a court order, or statutory law (e.g. drug trafficking or terrorism).

• In conjunction with the counsellor’s Therapeutic Will. This would only be enacted in the event of the counsellor’s death, disability or other unexpected circumstances that would prevent the counsellor from continuing to engage in counselling with you. If this occurs, your name and contact details will be shared with the Therapeutic Executor. The Therapeutic Executor will contact you to make you aware of the event, and depending on your circumstance, may signpost you to alternative support. Your contact information will only be shared if you are currently receiving counselling. This does not apply to you if you have already ended your time with the counsellor.

Information about you is stored for 7 years from the date of the final session or communication. Once this time period has elapsed, all information about you is securely destroyed.

Session records and all information processed about you are encrypted and/or kept in a secure place. All relevant and up to date security protections are in place and meet the requirements of the General Data Protection Regulations (GDPR) and Data Protection Act 2018 (DPA2018). All email and voicemail providers which Serenity Counselling utilises to send/receive emails and store voice messages, adhere to the GDPR and DPA2018.

Serenity Counselling accepts payment via iZettle which provides two methods in which to pay (web based or card reader). For security reasons, the full procedure for using the web based payment facility is set out in the counselling agreement. This agreement will only be provided when the first appointment has been provisionally booked, and through encrypted means. When you use the iZettle web based payment facility, this redirects your browser to the iZettle website to make payment. The second payment method is used for paying in person when you meet with the counsellor face-to-face. This uses an iZettle credit/debit card reader. Both systems, whether web based or card reader are securely encrypted and fully PCI compliant. Serenity Counselling does not share any of your information with iZettle, or have access to full details of your credit/debit card which you provide to iZettle to make payment. For information about how iZettle process your data when making payment, please review the iZettle ‘end-customer’ section of their privacy policy, and security information page.

Serenity Counselling will not request payment from you in any way other than those which are set out within the counselling agreement or agreed between you and the counsellor when you meet with them in person.

By accepting cookies (small data files) when you first arrive at our website, it allows our website hosting company (GoDaddy.com) to place the cookies in your browser. This will gather data, such as page views within the website, and helps us to optimise how fast our website pages load. This type of data does not contain personally identifiable information. We do not use any other third party cookie to gather data.

You have a right to:

• Access the personal information held about you
• Request that a correction is made to any mistakes you think have been made to personal information about you
• Request that personal information held about you is deleted
• Request that processing of your personal information is restricted
• Request that personal information about you is securely transferred to another organisation
• Request that processing of personal information about you is ceased

You can contact Serenity Counselling to make a data access request or complain if you think your rights are not being respected. Please include your full name, address, date of birth, contact number and an email address. If making a verbal or electronic request, you will be asked to verify your identity via photo identification including a utility bill or a bank statement. The data controller, Christian Davies-Trigg, may contact you to verify your details before the request is approved. The GDPR states your request must be completed within 1 month. The contact details are as follows:  

Serenity Counselling 

Goodrich Grove

Newport,

NP10 8SY

Complete this form to make the data access request

If you remain dissatisfied, then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at: 

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

www.ico.org.uk

You may still be unsure about certain aspects of the process and have further questions before making a data access request. You can either ask the question via this contact form or call Christian via phone to discuss.