Please take the time to read my Privacy Policy.

Privacy Policy

Contact Information: JLA Therapy & Wellbeing LTD

Cookie Statement

JLA Therapy & Wellbeing does not actively store data or capture personal information, however it does make use of ‘cookies’. These cookies help the website run smoothly and provide a better user experience. For this reason, I declare that my website uses cookies and in line with GDPR. 

Comments 

If you leave a comment on my website, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. 

These cookies will last for one year.            

Data Controller   

JLA Therapy & Wellbeing LTD is a registered member of the Information Commissioner’s Office (ICO) and Joanne Adams is the named data controller and processor. I work with Data Protection and GDPR and have systems and processes in place to protect your personal information.


Legitimate Interests

I keep client data in line with what the ICO regards as “Legitimate Interests”. This means that the data is necessary for me to fulfil the Agreement that we have together (i.e., to provide therapy and wellbeing services) and the data collected is what you would reasonably expect me to hold and use for the services accessed.


The data I hold following an enquiry to me regarding therapy includes any information you send to me by email, text or message.


The data I hold following a booked and attended session includes:

  • Information completed and shared as part of the JLA Good Practice Agreement
  • Information that you give me as part of the work we do together.
  • Records of what I observe, approaches/interventions I use in our sessions
  • Emails, texts and/or messages that are sent between us.
  • Information sent from any third party.

Special Category

Some of the information that you give me may fall under the definition of special category data as defined by the General Data Protection Regulation. The condition for processing this special data is as follows; “processing is necessary for medical diagnosis, the provision of health care or treatment pursuant to contract with a health professional”.


Data is not shared without your consent. However, there are exceptions as detailed in the JLA Good Practice Agreement and the JLA Confidentiality Policy. Please also note, my accountant may see bank or credit card details which contain any information that you submit when making payment. If you would like me to redact any identifiable information before sending to the accountants, please let me know.

Storing Data  

Data collected is primarily used to enable me to provide therapy.


Details of where data is held:

  • JLA Good Practice Agreement is stored electronically and kept on devices that are password and or require fingerprint/ face ID
  • Any emails sent between us are stored electronically and kept on devices that are password and/or require fingerprint/ face ID. Emails maybe transferred to a secure data system or routinely deleted.
  • Any texts sent between us are held on devices that are password and/or require fingerprint/ face ID. Texts sent or received are routinely deleted.
  • Notes taken on paper during service provision are transferred to a secure data system following the service delivery and the paper notes are securely disposed of.  Your records are only accessible by me or by a designated therapist (Clinical Will) as agreed if I am too unwell to contact you.
  • Video calls take advantage of encryption offered by Zoom.
  • Anonymised material to include audio recordings from sessions may be used for training/research/or publication. In such cases written consent from you is required prior to the use of any agreed material. Consent can he retracted up to the point of submission/use of materials agreed.
  • Your data is kept for 7 years. The length of time is based on good practice recommended by the United Kingdom Council Psychotherapy (UKCP).  After this time all data records are permanently deleted.
  • Audio recordings are stored electronically and kept on a safely stored password protected device for up to 12 months and then deleted.

Security

I take the security of data seriously and as such:

  • I give details of all security measures including how any systems you use are secure.
  • If there is any breach of data security, I will give full details to the Information Commissioners Office and any person affected within 72 hours of the breach being known to me and do all possible to minimise any potential impact.

You have rights with regards to the data held:

  • The right of access. Following a request for data I hold on to you, I aim to meet your request within 30 days, unless this is not possible due to illness or taking a break.
  • The right to rectification. If any data I hold is incorrect, please let me know and I will correct it within 30 days, unless this is not possible due illness, or I am taking a break
  • The right to erasure. If you wish me to erase your data, please let me know and I will delete any computer records and securely dispose of any paper records within 30 days of your request, unless this is not possible due to illness, or I am taking aa break.

Please be aware that data may be retained for legal purposes, or statistical purposes. Session notes or data such as address/email/phone do not fall under this category.

  • In all cases and when considering such requests, these rights are obligatory unless it is information that I have a legal obligation to retain to include tax purposes.
  • The right to restrict processing. This would usually be a stop-gap measure before correction of any errors or before erasure.
  • The right to data portability. This might apply if you wish your notes to be sent to another therapist for example. My preference for this type of request would be to send the notes directly to you to forward on.

The right to object to:

  • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling). I do not engage in these.
  • direct marketing, please let me know if you prefer not to receive email updates from me.
  • processing for purposes of research and statistics. For this, you must provide grounds for your objection.
  • automated decision making and profiling. I do not engage in automated decision making or profiling.
  • The right to withdraw consent to hold and process your data at any time. However, if you do this whilst engaging in therapy or any other service provision, therapy or the service provision will end.

Disclaimer: Your role in protecting your own privacy

I make every effort to ensure that my clients' personal information is held securely and to safeguard against unauthorised access. At the same time, in agreeing to my privacy policy, I require the following:

  1. You acknowledge that the privacy of your communications and personal information can never be completely guaranteed when it is being transmitted over the internet.
  2. You acknowledge and agree that you share information via the internet at your own risk and that electronic messages are not encrypted, and our communication may be seen by others, such as internet hackers or people with access to your devices or living at your address.
  3. You agree to take responsibility for your own role in safeguarding your data privacy in the email address you choose to use, and whether you choose to password protect information you send to me.
  4. You agree to not record any part of our therapy sessions or other communications we may hold.