It is important that the information collected about you is kept safe and handled carefully. As a registered data controller with the Information Commissioners Office, Serenity Counselling complies with the General Data Protection Regulations and the Data Protection Act 2018. The following information provides details of the information processed about you when you enter counselling.
Prior to the first session of counselling, information about you will be collected. Here’s a list of the information requested:
In addition, a brief written record will be created which will include the main aspects of what is discussed between you and the counsellor during each session.
The information is collected for the following reasons:
Personal information about you is processed in order to fulfil the counselling contract between you and Serenity Counselling, or because you have asked Serenity Counselling to take specific steps before entering into a counselling contract.
Information about you will only be shared under the following circumstances:
Information about you is stored for 7 years from the date of the final session or communication. Once this time period has elapsed, all information about you is securely destroyed.
Session records and all information processed about you are encrypted and/or kept in a secure place. All relevant and up to date security protections are in place and meet the requirements of the General Data Protection Regulations (GDPR) and Data Protection Act 2018 (DPA2018). All email and voicemail providers which Serenity Counselling utilises to send/receive emails and store voice messages, adhere to the GDPR and DPA2018.
You have a right to:
You can contact Serenity Counselling to make a data access request or complain if you think your rights are not being respected. Please include your full name, address, date of birth, contact number and an email address. If making a verbal or electronic request, you will be asked to verify your identity via photo identification including a utility bill or a bank statement. The data controller, Christian Davies-Trigg, may contact you to verify your details before the request is approved. The GDPR states your request must be completed within 1 month. The contact details are as follows:
If you remain dissatisfied, then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at:
Information Commissioner’s Office