Privacy Policy

Privacy Policy

I, Tess Wintgens understand how important your privacy is. I take care to maintain your
confidentiality in accordance with current data protection laws (GDPR, 2018) and the ethical
guidelines of The British Association for Counselling and Psychotherapy . These guidelines have
been set up to protect your confidential material and ensure that your therapist always conducts
themselves with professionalism and integrity.
In order to provide you with the best service possible, I will hold your personal contact details and
records of your therapy sessions. Please find below important information about how this
information will be held and used.

Your personal information

I use the secure, encrypted and password protected practice management platform, Halaxy to
collect and store your personal data. At the point of booking your initial consultation with me, you
will be asked for your personal contact information, for example your name, address, email
address and telephone number and you may also choose to share details of the issues you are
looking for help with.
Your contact information is stored securely in Halaxy and can only be accessed by me.
In order to be able to fulfil my duty of care to you, in your initial consultation or first treatment
session, I will ask you for contact information for your GP and elected Emergency Contact
person. These details will be stored securely in a locked file and will only be accessible to me.
This personal information will be held for the duration of your therapy after which it will be deleted
from the Halaxy database.
Please note that I will need to keep a record of your name and client reference number for seven
years after the end of your therapy, so that we can respond effectively to any potential requests
regarding your clinical notes and treatment.
I will never pass on your contact details to any third party organisations for the purposes of sales,
marketing or research and will never use your personal data for any purposes other than the
administration of the counselling service I am providing to you i.e. to arrange, cancel and
rearrange appointments and collect payment for sessions.

Online Bookings

When you make an online booking or payment, Zoho will send a booking notification to myself
your therapist via email and the Zoho messaging system.
Anonymised payment details are recorded in our financial income reports. These reports will
only hold your first name, last name initial and unique client reference number. The HMRC
requires that we retain this information for 5 years after the end of the financial year.
My website uses cookies. You can find the details of our here [ADD LINK]

Your payment details

No payments are made through my website. My website therefore does not hold your payment information. Where you have
made payment for your session over the phone or bank transfer, I will never keep a record of
your card details. Your information is inputted directly into the card payment portal and no written
record will be taken.

Your therapy sessions

Everything that you discuss with me, your therapist is confidential. Confidentiality will only be
broken if there is concern about your safety or the safety of someone else or I am instructed to
do so by a Court of Law. I will always endeavour to speak to you about this first.
During remote working I will ensure that I am conducting online and telephone sessions in a
quiet, private and confidential setting. I have selected video calling platforms that offer end to end
encryption to ensure maximum privacy. Please note however that I cannot be held responsible
for any breaches that occur due to failures in this technology.
I discuss my clinical work with a supervisor. This is to ensure that I am offering you the best
service possible. These conversations are bound by confidentiality and you will only be referred
to by your first name.
I keep notes of each session. These are anonymised and are stored in a locked filing cabinet
and within the secure Halaxy system (https://eu.halaxy.com). These notes are for my use only
and help to keep a track of everything that is being discussed. In line with industry guidelines,
these notes will be kept securely for up to seven years after your therapy comes to an end. After
this time, they will be confidentially destroyed.
If your sessions are paid for or arranged via a third party, (e.g. your employer, a friend, or a
family member), other than payment requests, invoices or receipts your counselling information
will not be shared. Details about what is discussed in your sessions will remain confidential
between us. Any other information can only be shared if you provide your written consent.
 

Your communications with me

All of my email accounts use the secure GSuite server and are double password protected If you
send an email to your therapist’s email address, only they will have access to it.
All phones, tablets and laptops used to respond to your emails are encrypted, fully protected with
anti-virus software and password protected.
 

Data Usage
 

e.g. I will only use your email address and telephone number to contact you about your
appointments. I may also contact you directly via email in order to share information with you that
is pertinent to your therapeutic process.
Your phone number may also be used to issue appointment reminders via text message. You
can opt in or out of text updates.

Your rights

Any personal data retained by me is kept in accordance with the GDPR, 2018.
Under these guidelines you have the following rights

1. The right to request access to your data
You can request to view the information that I hold about you (contact details, appointment logs
etc.) at any time. If during therapy you would like to see your session notes, please let me know.
Should you require a copy of your notes after your therapy has come to an end you can make
this request by emailing hello@shifting-seas-counselling.co.uk or calling me on +44 7826814757
 

2. The right of rectification
At any point during your time using my service or during the seven years thereafter, while we
retain your records, you have the right to request amendments to your contact details or session
notes. This right can be exercised either by speaking directly to me or by contacting me in
writing.
 

3. The right to be forgotten
You can request that I delete and confidentially destroy the information that I hold about you and
your sessions at any time. This request can be made by contacting me on +44 7826814757
 

Instances where I would not be able to comply with your request are as follows:
1. a) It is necessary for me to retain these records in order to continue providing an effective
service
2. b) I am compelled to retain these records by a Court of Law
3. c) I require these records in order to establish, exercise or defend legal claims

Consent

When you book your first session with me, you will be asked to provide a signature on written
contract to confirm that you consent to the storage and processing of your personal data for the
purposes of providing therapeutic services.
You are entitled to withdraw this consent at any time and can do so by emailing me at  hello@shifting-seas-counselling.co.uk

Breaches of data protection

In the event of any breach of my data protection policies, I will notify you and the Information
Commissioner’s Office (ICO) within 72 hours and will seek to rectify this immediately.
 

Raising concerns

Should you have any concerns about my data protection practices, you can raise these directly
with me. You can also notify the Information Commissioner’s Office. I am registered with ICO
under the reference number ZB567259.