Privacy Policy


What is the purpose of this notice?

To describe how we collect and use personal data about you in accordance with the General Data Protection Regulation (GDPR).


What we need

Maida Vale Counselling Ltd. (also trading as Psychotherapy with Heart and Soul) will be what’s known as the “Controller” of the personal data you provide to us. We will collect basic personal data about you for organisational purposes, which includes name, address, e-mail, telephone number, Skype/Facetime contact and in some cases with your consent, financial information (payment information such as a debit/credit card).

In accordance with good practise guidelines, we may also keep session notes, which may include more sensitive personal information about you (known as Special Category Data). These are kept on paper only.

Also in line with good practise guidelines, the counsellor/psychotherapist will be in supervision, which is strictly confidential and while special category data will be discussed, we take great care to make sure the individual client is not identifiable.


Why we need it

We need to know your basic personal data in order to schedule appointments with you, send invoices, if you wish, inform you of any special workshops and of course to review progress and provide the best service to you we possibly can.

We will not collect any personal data from you we do not need to provide and oversee this service to you.


What we do with it

We only ever use your personal data with your consent, or where it is necessary:

  • to enter into, or perform, a contract with you

  • to comply with a legal duty

  • to protect your vital interests

  • for our own (or a third party’s) lawful interests, provided your rights don’t override these.

In any event, we’ll only use your information for the purpose or purposes it was collected for (or for closely related purposes).

We may process personal information for certain legitimate business purposes, which include some or all of the following:

  • where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our customers

  • to identify and prevent fraud

  • to enhance the security of our network and information systems

  • to better understand how people interact with our websites

  • to provide postal communications which we think will be of interest to you

  • to determine the effectiveness of promotional campaigns and advertising.

Whenever we process data for these purposes we will ensure that we always keep your personal data rights in high regard and take account of these rights at all times.

When we process your personal data for our legitimate interests, we will make sure that we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object to this processing if you wish. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.

With your consent, we may also use your data to liase with other health care practitioners involved with your care or a medical insurer on your behalf.


Where we keep it

We are based in the UK (and mainland Europe) and we store our data within the EU. Some organisations which provide services to us may transfer personal data outside of the EU, but we will only allow them to do if your data is adequately protected.

For example, some of our systems use Microsoft products. As a US company, it may be that using their products result in personal data being transferred to or accessible from the US. However, we will allow this, as we are certain personal data will still be adequately protected (as Microsoft is certified under the USA’s Privacy Shield scheme). Similarly, we use QuickBooks Online for accountancy purposes.


How long we keep it

We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored depends on the information in question and what it is being used for.

For example, session notes have to be kept for seven years after the end of the therapy.

We continually review what information we hold and delete what is no longer required. We never store payment card information. We will not retain your data for any longer than necessary.


What we would also like to do with it

We would, however, like to use your name and e-mail address to inform you of our future offers and similar products. This information is not shared with third parties and you can unsubscribe at any time via phone, e-mail or on our website.


What are your rights?

We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:

the right to confirmation as to whether we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as a data subject access request)

the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason)

the right to have inaccurate data rectified

the right to object to your data being used for marketing or profiling; and

where technically feasible, you have the right to personal data you have provided to us which we process automatically based on your consent or the performance of a contract. This information will be provided in a common electronic format.

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.

If you wish to raise a complaint on how we have handled your personal data, you can contact Madeleine Böcker , who will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.

Online:

Google analytics

This site may use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs.

We only use this information for statistical analysis purposes, and IP address information is anonymised.


Links

Our website may contain links to other websites. If you use a link to navigate to a third-party website, you should note that we do not have any control over that website or how they use your data.

We therefore cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.


Contact forms

The data you submit may be checked through an automated spam detection service.


Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version

  • used operating system

  • Referrer URL

  • Host name of the accessing computer

  • Time of the server request

  • IP address

A merge of this data with other data sources will not be done.