What type of information do I collect?

Information that you provide by filling in the contact/consultation form on requesting services.

This will include such information as full name (you and any child/children/other family members wishing to receive therapy),

DOB, home address, telephone number and email address.

Therapy notes are kept of each appointment, as well as initial assessment/consultation notes.

I will also be holding any consent, agreement or risk documents that will be collected through the length of treatment.

If you contact me by phone, letter or email, records of the correspondence may be kept. My phone is password protected as well as face recognition.

Payment - Payment will be made through PayPal or using BACS. Information needed for this will be collected and stored within the site's own security settings.

Why do I collect this information?

So that I have a record of your attendance and a note of important factual information that may be of significance in your sessions. (It is a requirement of my insurance provider.)

It is also a requirement of EFT International to uphold Accreditation that notes are kept under GDPR guidelines.(I am bound by their code of ethics and conduct).

In order to be able to communicate via phone, e-mail or post if necessary.

How do I store information?

All notes are digitally written up and are stored securely in an encrypted cloud based site. The storage facility is compliant to GDPR legislation, and has their own privacy policy in place.

Any handwritten notes/pieces of work will be scanned into your own identifiable folder, and originals shredded.

Each client has their own identifiable folder within the secure setting. Initials and dates are recorded as identifiable folder/files.

Phone numbers and any messages received/sent will be stored on my phone’s own hard drive. My phone is password protected and twice authenticated.

Disclosure of your information

There are a limited number of circumstances in which I may share personal data and other information with third parties. 

Confidentiality will be maintained within the codes of ethics and legal requirements.  Confidentiality does not apply where it would mean that I might break the law or where  withholding information means I would breach the codes of ethics. Confidentiality may be  breached if I consider there is a risk you may harm yourself or others. In such exceptional  circumstances, where there is concern for your wellbeing or that of others, it may be  necessary to seek help outside the practitioner-client relationship. You will normally be  consulted first. 

In the case of a disclosure concerning acts of terrorism, vulnerable adult or child protection  issues or drug trafficking, confidentiality will be breached and such disclosures will be passed to the relevant authority without delay. Due consideration should be exercised  before disclosing anything of a previously unreported criminal nature, as I am obligated to  contact relevant authorities.

If a client requests and/or gives me consent to share their information with another health professional for the purposes of improving their care, I may discuss some aspects of my client work with my supervisor who is an experienced practitioner also bound by the rules of confidentiality. Initials will be used and no identifiable information will be shared in discussions.

My insurance provider requires me to keep any client records for 7 years after completing treatment. After 7 years from completion of treatment sessions, all electronic data will be permanently deleted, and any hard copies shredded and disposed of.

Third Party information

Zoom/Skype are compliant with the EU-US Privacy Shield agreement. They also have a GDPR compliance statement on their websites. All sessions will be encrypted to include the video, audio and screen sharing.

Paypal may share minimal details that are needed to complete payment. These are stored securely on both sides of the transaction.

All Social Media sites, such as FB, Twitter and Instagram state that they are also GDPR compliant.

Policy Updates

I reserve the right to modify this privacy policy at any time. Changes and clarifications will take effect immediately upon their posting on the website. If I make material changes to this policy, I will notify you here that it has been updated, so that you are aware of what information I collect, how I use it, and under what circumstances, if any, I use and/or disclose it.

If you would like to: access, correct, amend or delete any personal information I have about you, you are invited to contact me at Julianne.alexanderuk@gmail.com and I will send the information to you within 40 days of receiving your request.