As a registered data controller with the Information Commissioners Office, Serenity Counselling complies with the General Data Protection Regulations (UK GDPR), Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003. As such, these laws dictate that information processed about you is kept safe and private, limited to, and only used for the purpose it was provided for. In addition, information processed about you should be accurate and kept for no longer than necessary. The following statement provides details about the information processed about you when you engage with Serenity Counselling.
The UK GDPR requires Serenity Counselling to have and indicate the lawful basis for processing your information. The following points list the lawful basis on which Serenity Counselling processes your information.
Prior to the first session of counselling, information about you will be collected via an encrypted electronic questionnaire that you complete once you have decided to engage in counselling. Alternatively, your GP, other health professional, a parent, or trusted individual may provide your details when making an enquiry on your behalf. Here’s a list of the information that is collected:
In addition, all communication between you and serenity counselling is also collected. This includes:
During your time in counselling, a written record will be created after each session. The following information is collected:
A record of of fees paid and owed are also collected. This may directly involve your payment information if you are self-funding, or invoices to third-parties (i.e. health insurers) if you are being funded externally.
CCTV is in operation within the property grounds, but not in the counselling room. Facial recognition is not used with this facility.
The information is collected for the following reasons:
Information about you will only be shared under the following circumstances:
Session records and all information processed about you are securely encrypted in electronic format only. All relevant and up to date security protections are in place and meet the requirements of the General Data Protection Regulations (GDPR) and Data Protection Act 2018 (DPA2018). All data storage facility, email, and voicemail providers which Serenity Counselling utilises to send/receive emails and store data or voice messages, adhere to the GDPR and DPA2018.
Serenity Counselling accepts payment via a number of ways, including through a third-party electronic system. For security reasons, the full procedure and security measures for using the payment facility is set out in the counselling agreement. This agreement will only be provided when the first appointment has been provisionally booked, and sent to you through encrypted means. When you use the electronic payment system, you may need to provide financial account data such as your credit card number or bank account number to the third-party service provider. Serenity counselling does not have access to full details of your credit/debit card which you supply to the third-party service provider. However, Serenity Counselling receives data about the transaction, including: your name, date, time and amount of the transaction, the type of payment method used, payment transaction identification number. Serenity Counselling does not share any of your personal information with the third-party payment service provider.
Serenity Counselling will not request payment from you in any way other than those which are set out within the counselling agreement or agreed between you and the counsellor when you meet with them in person.
By accepting cookies (small data files) when you first arrive at our website, it allows our website hosting company (GoDaddy.com) to place the cookies in your browser. This will gather data, such as page views within the website, and helps us to optimise how fast our website pages load. This type of data does not contain personally identifiable information. We do not use any other third party cookie to gather data.
You have a right to:
You can contact Serenity Counselling to make a data access request or complain if you think your rights are not being respected. Please include your full name, address, date of birth, contact number and an email address. If making a verbal or electronic request, you will be asked to verify your identity via photo identification including a utility bill or a bank statement. The data controller, Christian Davies-Trigg, may contact you to verify your details before the request is approved. The GDPR states your request must be completed within 1 month. The contact details are as follows:
If you remain dissatisfied, then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at:
Information Commissioner’s Office
If you are still unsure about certain aspects of the process and have further questions before making a data access request. You can make your enquiry either through the contact page or calling 01633 505225 to discuss.
Serenity Counselling reserves the right to make changes to this privacy statement. It is therefore advisable to update your knowledge of this privacy statement on a frequent basis. Serenity Counselling will actively inform current users of the counselling service at the time of an update.