Data Protection Policy
​
In 2018 there was a change in the law regarding how organisations have to protect your personal details and records otherwise know as 'data' which is called the General Data Protection Regulation (GPDR). This summary
details how GDPR is applied by clarifying why confidential information is held and how Sudworth Psychology protects this which can be found here
The essentials
-
I cannot work with you unless you give permission for me to keep records
-
I keep information about you in order to provide you with a service, and to process payments
-
I have systems in place to protect your data
-
I follow the law, and codes of practice as regulated by the British Psychological Society (BPS) the Health and Care Professions Counsel ( HCPC)
-
I strive to the highest standards for data privacy. Please speak to me if you have any concerns, questions, or feedback.
-
You have the right to have any inaccurate information corrected, and you are entitled to request a copy of your data free of charge.
-
If you believe I am performing in an unlawful manner, you can complain to the Information Commissioners Office (ICO) here
​
The reasons why information is kept
Part of my professional registration required me to keep information about those I work with and the work that is undertaken. I am unable to offer you a service unless you permit me to keep your data regarding you and our work together.
​
​
The legal requirement
​ I have a legitimate reasons for keeping data. I am registered with the Information Commissioners Office (ICO) to comply with this requirement. I observe the regulations applied the BPS and my professional regulator, the HCPC
​
The information that is kept
-
I keep your personal data such as your name, phone number, and address. I also store sensitive data such as your gender, social history, and our session notes
-
I will collect the information that you provided as well as your internet protocol (IP) address. This address is supplied automatically by the website software. The web services that are used by Sudworth Psychology are themselves verified as GDPR compliant.
-
I also collect data from any health insurance provider that has possibly referred you. I might collect and process this personal data that is provided by that organisation which can include contact information, referral information, authorisation for psychological treatment, and health insurance policy number.
​
​
What is done with your information
There are three reasons as to why I collect your data: 1) to provide you with a service, 2) billing and processing of payments, 3) to help prevent serious harm
​
​
How long your data is kept
I keep your data for the duration of the time that we work together, and in line with professional guidance, for seven years after the work has been completed. Client data such as email address/phone number will be deleted from my computer systems and mobile phone following the termination of our work.
Where your data is kept
-
On my iPad and laptop computer
-
In my email systems
-
In my mobile phone
​
​
How your data is kept safe
-
My laptop is password protected and uses Microsoft Defender Firewall to avert others from obtaining access to my laptop.
-
Your session notes are kept in an encrypted external hard drive. This means that no one can read the data without the encryption key which is either a password or fingerprint.
-
My iPad is encrypted, and can only be opened using a fingerprint or password each time it is in use.
-
Any paper notes or documents are scanned and uploaded to the encrypted hard drive. Once this is completed all paper notes or documents are immediately shredded.
-
My email systems are secured with a password, and need to be verified through a two step verification process.
-
My mobile phone is encrypted, and can only be opened with a password or unlock pattern each time I use it.
-
I use Google Authenticator on my mobile phone to provide me with two step verification codes.
​
​
Your rights
-
You have the right to request details regarding all of the information that Sudworth Psychology keeps and receives about you within 28 working days with no fee
-
You have the right to ask for any information to be corrected if you believe that it in incomplete or inaccurate
-
You have the right to complain if you believe I working unlawfully (please see the essentials above)
Privacy Policy
​
What personal data is collected?
We may collect information such as:
-
Your name
-
Contact information such as your email address
-
Demographic information such as your interests, preferences, and postcode
-
Data about website usage
-
Other information regarding client enquiries
​
How we use this data
The data we collect assists us to understand what you are seeking from the service, allowing us to supply better quality services and products.
​
​
We may use the following data:
-
To improve the services and products that we provide
-
To customise the website to your needs
-
For our own internal records
-
To make contact with you in reply to an enquiry
​
What are cookies?
Cookies are small files that contain small quantities of information which are read off or downloaded to your device when you visit any website through the browser of your tablet, smartphone, or computer. This small file allows data (possibly your personal data) to be stored.
​
Cookies allow applications and websites to store your preferences in order to offer options, content, or functions that are specifically for you. Additionally, they allow us to view material like how many individuals use the website and the pages they tend to visit.
How we utilise cookies
-
To recognise you when you return to our website. We may display to you relevant material or provide the functionality that you formerly used
-
To analyse the traffic to our website using an analytics package. Collected data allows us to improve website content, structure, design, and functions
-
To store information about your preferences. The website will then be able to impart you with information that you will find most relevant and interesting
-
To distinguish if you are signed into our website. A cookie allows us to ascertain whether you are signed into the website
Cookies do not allow us access to your device or any information about you, other than the information you select to part with us
​
How you can manage cookies
You can use your web browser’s cookie settings to regulate how our website applies cookies. If you do not wish our website to store cookies on your device, you should stipulate your web browser to refuse cookies. Please note that is your browser is not set to receive certain cookies from our website, the use of our website’s functionalities can be restricted.
​
If you have not changed your browser’s settings to decline cookies, our website will deliver cookies when you visit
​
​Controlling your information
We will never sell, distribute, or lease your personal data to third parties unless we are required by law or we have your permission.
​
Any personal data that we possess about you is processed and stored in relation to our data protection policy, and in line with the Data Protection Act 2018.
​
​
Security
We hold your information securely.
​
We have executed robust physical and electronic security safeguards to prevent any unauthorised access or disclosure of your information. We follow rigorous measures to certify that we work with all personal material in conjunction with the Data Protection Act 2018.
​
Website Analytics
We gather website traffic data to improve our understanding of how visitors interact with our content. This information is used to comprehend what content is most regularly retrieved and where our visitors are based by country. This information is entirely anonymous.
​
Links from third party websites
Our website may comprise links to other websites.
​
We do not have any control of the websites outside of the domain of sudworthpsychology.com. If you are providing information to a third party link, we are not responsible for its privacy or protection.
Please be cautious when submitting material to websites. Read that site’s privacy and data protection policies in full.
​
​
I am committed to providing a safe environment for clients, others in the building, as well as myself, free from physical violence, intimidation, acts of threats, harassment, coercion or verbal abuse.
​
Any incident of abuse will be dealt with as a matter of urgency and will be reported to the relevant authorities including the police. An incident is classed as any situation in which I, a client, or other individual in the building is faced with direct or perceived violence, aggression, or any form of abuse regardless of it being verbal or written that causes distress including email, text, phone calls, and social media.
An incident is classed as any situation in which I, a client, or other individual in the building is faced with real or perceived aggression, violence, any form of abuse whether physical, verbal, or written that causes distress, this includes the following, but is not limited to, therefore this list is not exhaustive:
​​​
Physical Abuse: Any actual or perceived behaviours which include use of objects to cause injury, invasion of personal space, and physical contact, including pushing, stalking, touching, hitting, and spitting. The intentional application of force against an individual without lawful justification resulting in personal discomfort or physical injury.
Verbal Abuse: Words used to cause actual or perceived fear, intimidate, distress an individual or group including yelling, shouting, swearing at the practitioner, or offensive gestures or remarks. Derogatory religious, racial, or sexual behaviour or remarks, inappropriate behaviour as a result of substance misuse including illicit or non-prescribed medication and drugs or alcohol. Threats or perceived threatening behaviour i.e. I know where you live, or harassment or stalking.
Abuse in Writing: Any written word (email, letter, text message, social media post etc) which can cause actual or perceived fear, distress, or intimidate anyone whom the written word pertains too. This includes directly identifiable or inferred information that can identify the individual or group.
Aggression: Harassment, intimidation, challenging an individual’s right to physical and emotional safety, and health. The use of inappropriate behaviour or words causing actual or perceived distress and/or constituting harassment. This includes receipt of abusive texts/telephone calls/social media posts etc. from any source.
A Hate Crime: Any words/behaviours with the intent of holding prejudices against an individual’s race, religion, disability, beliefs, gender identify or sexual orientation regardless of whether this is carried out verbally or physically including harassment, intimidation, threats, or damage to property.
Liaison with Police: If any individual experiences abuse this will be reported to the police for investigation. Sudworth Psychology will support the police in any investigations with regards to incidents reported with a view to prosecution.
​
The therapeutic relationship following a single incident will be terminated – the client will be asked to leave the premises, refusal to do this will result in the police being called. The client will be notified in writing that they will no longer be seen and will be removed as a client from Sudworth Psychology with immediate effect.
​