This is freely available on my website: www.atbhypnotherapyandcoaching.com
OUR PRIVACY AND COOKIES POLICY
ATB Hypnotherapy and Coaching is committed to respecting your privacy and the privacy of every visitor to my web site and person completing a form.
Should you have a question about the data stored, my contact details are:
I, Angela Browne and the data controller and processor of ATB Hypnotherapy and Coaching.
The information collected about you will only be used lawfully (in accordance with the Data Protection Act 1998 and the General Data Protection Regulation 2018 (GDPR)).
This information will not be disclosed to anyone outside ATB Hypnotherapy and Coaching or its associated companies, partners, and other parties with which ATB Hypnotherapy and Coaching has arranged services for your benefit.
The information held is expected to be accurate and up to date. You have the right as an individual to find out what information is held about you and make changes if necessary; you also have the right, assuming I am not obligated by law to refuse, to ask for your information to be removed or rectified. To have your information removed or rectified, please contact email@example.com
The type of information that I will collect, and you voluntarily provide on this website form includes:
* Your name
* Email address
* Email requests
You are under no statutory or contractual requirement or obligation to provide your personal information; however, the information above is required in order for your initial enquiry to be dealt with in an efficient and effective manner.
Further information may be collected during agreed hypnotherapy or coaching sessions which may include:
*Information you provide as part of the therapy or coaching session
*Records of interventions, tools and approaches I have used in sessions
*Emails, text or messages sent between us
Some of the information you provide may fall under the definition of Special Category Data as set out by the GDPR. The condition for processing this special data is “processing is necessary for medical diagnosis, the provision of health care or treatment pursuant to contract with a health professional”.
Data is not shared with anyone, except possibly your GP, and for any reasons covered by the Requirements for Disclosure which are detailed and discussed when we first meet and form part of our contract. My accountant will see bank records which will contain any information that you provide when making payment. If you would like me to redact your identifiable data before sending to the accountants then please let me know.
The basis on which data is kept is for ‘legitimate purpose’ only to enable me to provide therapy and coaching services and only reasonable and relevant data will be stored.
Details of where data is held:
· Any emails sent between us are held either on my computer’s hard drive or exchange server or if archived, in Dropbox which is a GDPR compliant, secure cloud-based storage. Any emails held on my mobile phone are fingerprint/code protected.
· Any texts/Whatsapp messages/Messenger messages sent between us held on my mobile phone are fingerprint/code protected (See social Media Policy).
· Your notes are handwritten and are kept in a locked filing cabinet. A coding system enables the therapist to know whose notes are whose, but a stranger seeing the notes would not be able to identify who they refer to.
· If you use online banking then clearly these systems will hold your data. I download from these systems for accounting purposes only and the resulting spreadsheets are held in Dropbox before being sent to my accountant using a secure shared drive.
Unless otherwise required by law, your data will be stored for a maximum period of 10 years after our last contact or until no longer required by my insurance provider, at which time paper records (case notes) will be shredded and electronic records (case notes, emails, text messages) will be deleted.
PROTECTION OF PERSONAL INFORMATION
ATB Hypnotherapy and Coaching takes precautions, including administrative, technical, and physical measures, to safeguard your Data against loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and destruction.
ATB Hypnotherapy and Coaching uses industry-standard efforts to safeguard the confidentiality of Data, including encryption, firewalls and SSL (Secure Sockets Layer). Reasonable administrative, technical, and physical security controls have been implemented to protect against the loss, misuse, or alteration of your Data.
· I am not in control of data (including emails and texts) which you send me
· Apps such as Facebook routinely access any information held and this is beyond my control.
If there is any breach of data security ATB Hypnotherapy and Coaching will give full details to the Information Commissioners Office and any person affected within 72 hours of the breach and do all possible to minimise any potential impact.
You have rights with regards to the data held:
The right of access. I will provide you with all data I hold on you as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).
The right to rectification. If any data I hold is incorrect, just let me know and I will correct it as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).
The right to erasure. If you wish me to erase your data just let me know and I will delete any computer records and shred any paper records as soon as I can following a request (and definitely within 30 days, unless this is impossible due to holidays or illness).
The right to restrict processing. This would usually be a stop-gap measure before correction of any errors or before erasure
The right to data portability. This might apply if you want your notes sent to another therapist for example, but it is likely that the easiest solution would come under the right to access, i.e. I would send the data to you.
If you have a concern about how we handle your data, or you would like to lodge a complaint, you may do so by contacting The Information Commissioners Office.