As part of Tealight Counselling’s efforts to be a responsible service provider, we aim to comply with the General Data Protection Regulation (GDPR). Below, we have detailed how we use your data and how we endeavour to keep your data safe.
- Nearly all our work is done digitally and, wherever possible, we are working towards being an entirely paper-free organisation. If we have any paperwork related to you personally, such as a form used in the counselling assessment process, the papers will be scanned and transformed into digital files which will be stored on a password-protected computer and/or biometrically protected smartphone. The original paper copies will be shredded.
- All of our paperwork related to the counselling practice files is backed up regularly to an external hard drive. It’s useful for us to have these files stored on the hard drive for several years in case we, or our clients, need to refer back to them. If you would prefer for us to delete files when we have finished working on them, we will be happy to comply with your request.
- We will not share any paperwork related to our clients with any third party without clearly stated permission from the client, with the only exception being the unlikely event that we feel an individual’s safety is at risk for some reason and we therefore need to contact the police or another authority.
- Contact details supplied by a client will be kept in a database and in the email program we use (in our email inbox) for a number of years. These details may also be stored in a Contacts software application (we only use Contacts software made by Google LLC or Apple Inc).
- Some of your personal details (such as those which relate to the fees you have paid for counselling) may be stored by us in a spreadsheet or in accounting software we use (from a reputable accounting firm which is GDPR compliant). The details we have can be exported easily if you would like to see a copy. This information can be viewed on request.
- If you request for your contact details to be removed from our spreadsheets or accounting software, we can do this only so far as we are in compliance with HMRC, who require us to keep certain records for at least five or six years.
- We will not add your contact details to any mailing list without your prior expressed consent.
- We will always strive to limit the danger of a data breach by keeping the software and hardware that we use up to date. Wherever possible, we use password and biometric protection to access any files (on any device) containing client data.
If you have any questions relating to our use of your data and/or the GDPR, feel free to email us.